DEV Community: Kiran Sethumadhavan

WOOO

Kiran Sethumadhavan — Mon, 26 Jan 2026 16:02:57 +0000

hii GQE

wwww

Kiran Sethumadhavan — Sat, 24 Jan 2026 16:10:00 +0000

Hello 😝

Top 50 Linux Commands You Must Know as a Regular User

Kiran Sethumadhavan — Fri, 05 Nov 2021 05:08:14 +0000

The top 50 Linux Commands You Must Know as a Regular User are

ls - view contents of directory (list)
pwd - path of the current directory
cd - change directory
mkdir - make new directory
mv - move files / rename files
cp - copy files
rm - remove files
touch - create blank new file
rmdir - delete directory
cat - list content of file to terminal
clear - clear terminal window
echo - move data into a file
less - Read text file one screen at a time
man - show manual of Linux commands
sudo - enables you to perform tasks that require administrative or root permissions
top - task manager in terminal
tar - used to archive multiple files into a tarball
grep - used to searching words in specific files
head - view first lines of any text file
tail - view last lines of any text file
diff - compares the contents of two files line by line
kill - used for killing unresponsive program
jobs - display all current jobs along with their statuses
sort - is a command line utility for sorting lines of text files
df - info about system disk
du - check how much space a file or directory takes
zip - to compress your files into a zip archive
unzip - to extract the zipped files from a zip archive
ssh - a secure encrypted connection between two hosts over and insecure network
cal - shows calendar
apt - command line tool for interaction with packaging system
alias - custom shortcuts used to represent a command
w - current user info
whereis - used to locate the binary, source, manual page files
whatis - used to get one-line man page description
useradd - used to create a new user
passwd - used to changing password of current user
whoami - print current user
uptime - print current time when machine starts
free - print free disk space info
history - print used commands history
uname - print detailed information about your Linux system
ping - to check connectivity status to a server
chmod - to change permissions of files and directories
chown - to change ownership of files and directories
find - using find searches for files and directories
locate - used to locate a file, just like the search command in Windows
ifconfig - print ip address stuff
ip a - similar to ifconfig but shortest print
finger - gives you a short dump of info about a user

Ask Cyber Security related question on
https://discourse.heeraj.com/

Join my telegram Group to know about latest Ethical hacking news and tools more than 300 members I have big plans for you
Join Now
https://t.me/infosecbugbounty

How to become a Pentester

Kiran Sethumadhavan — Fri, 05 Nov 2021 04:22:55 +0000

𝙒𝙝𝙖𝙩 𝙞𝙨 𝙖 𝙥𝙚𝙣𝙩𝙚𝙨𝙩𝙚𝙧

“A Pentester is someone who helps a business test their security posture through a structured attack simulation with a predefined and agreed scope, this is referred to as a penetration test. They help businesses see their vulnerabilities from an attacker’s perspective to highlight the impact of successful exploitation, they will also provide the necessary remediation to mitigate those vulnerabilities."

𝙒𝙝𝙖𝙩 𝙖𝙧𝙚 𝙩𝙝𝙚 𝙨𝙠𝙞𝙡𝙡𝙨 𝙧𝙚𝙦𝙪𝙞𝙧𝙚𝙙?

Solid understanding of all IT fundamentals (Networking Included).
In depth Knowledge of administering Windows, MacOS and Linux operating systems.
Basic understanding of Web servers and their technologies
Basic understanding of Database servers and their technologies
Basic understanding of Application development
Basic understanding of Mobile Application development
Expert in Report writing

𝙒𝙝𝙮 𝙖𝙧𝙚 𝙩𝙝𝙚𝙨𝙚 𝙨𝙠𝙞𝙡𝙡𝙨 𝙧𝙚𝙦𝙪𝙞𝙧𝙚𝙙?

Penetration testing mainly involves identifying vulnerabilities. Attempting to exploit some of them to demonstrate potential impact may be possible depending on the project. You will also need to portray them in a non-technical way to stakeholders and then make recommendations on fixes. To do this accurately and quickly, in-depth knowledge of as much as possible is required. Where knowledge doesn't exist, a penetration tester can acquire it quickly and efficiently. Penetration testing is a vital part of an organisational security plan, however, the output needs to be aligned with business needs. Being able to understand this need and scope it appropriately can have a drastic effect on the career progression of a penetration tester. When studying ensure you have a firm grasp on all of the concepts and invest time in learning how you, as an individual, absorb information quickly.

𝗥𝗲𝗰𝗼𝗺𝗺𝗲𝗻𝗱𝗲𝗱 𝘁𝗿𝗮𝗶𝗻𝗶𝗻𝗴

𝙄𝙏 𝙁𝙪𝙣𝙙𝙚𝙢𝙚𝙣𝙩𝙖𝙡𝙨

CISCO Netacad https://www.netacad.com/
Professor Messer - https://lnkd.in/gF7QqZDj

𝙄𝙣𝙩𝙧𝙤𝙙𝙪𝙘𝙩𝙞𝙤𝙣 𝙩𝙤 𝙥𝙚𝙣𝙩𝙚𝙨𝙩𝙞𝙣𝙜

https://ine.com/ - The eJPT free course, overall best foundation cert in the field.

𝙋𝙚𝙣𝙩𝙚𝙨𝙩𝙞𝙣𝙜 𝙋𝙧𝙖𝙘𝙩𝙞𝙘𝙖𝙡 𝙩𝙧𝙖𝙞𝙣𝙞𝙣𝙜

TCM Academy - https://lnkd.in/dWRhH_NX
TryHackMe - https://tryhackme.com/
HackThebox - https://lnkd.in/d-zvvHGN
Virtual Hacking Labs - https://lnkd.in/d9PQR9UK
OSCP Prep - https://lnkd.in/eaUgBjK

𝙒𝙚𝙗 𝘼𝙥𝙥𝙡𝙞𝙘𝙖𝙩𝙞𝙤𝙣 𝙋𝙚𝙣𝙩𝙚𝙨𝙩𝙞𝙣𝙜

OWASP - https://lnkd.in/gKT8qBq
Portswigger Web security academy - https://lnkd.in/dGbVHbN

𝗔𝗱𝗱𝗶𝘁𝗶𝗼𝗻𝗮𝗹 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻

Public Pentest Reports - https://lnkd.in/eYV-Aku

Ask Cyber Security related question on
https://discourse.heeraj.com/

Join my telegram Group to know about latest Ethical hacking news and tools more than 270 members I have big plans for you
Join Now
https://t.me/infosecbugbounty

How to solve CTF ☠️ (Capture_the_flags)

Kiran Sethumadhavan — Sun, 31 Oct 2021 14:37:18 +0000

Challenge types

Jeopardy style CTFs challenges are typically divided into categories. I'll try to briefly cover the common ones.

Cryptography - Typically involves decrypting or encrypting a piece of data

Steganography - Tasked with finding information hidden in files or images

Binary - Reverse engineering or exploiting a binary file

Web - Exploiting web pages to find the flag

Pwn - Exploiting a server to find the flag

Where do I start?

If I managed to pique your curiosity, I've compiled a list of resources that helped me get started learning. CTF veterans, feel free to add your own resources in the comments below!

Learning

http://ctfs.github.io/resources/ - Introduction to common CTF techniques such as cryptography, steganography, web exploits (Incomplete)

https://trailofbits.github.io/ctf/forensics/ - Tips and tricks relating to typical CTF challenges/scenarios

https://ctftime.org/writeups - Explanations of solutions to past CTF challenges

Resources

https://ctftime.org - CTF event tracker

https://github.com/apsdehal/awesome-ctf - Comprehensive list of tools and further reading

Tools (That I use often)

binwalk - Analyze and extract files

burp suite - Feature packed web penetration testing framework

stegsolve - Pass various filters over images to look for hidden text

GDB - Binary debugger

The command line :)

Practice

Many of the "official" CTFs hosted by universities and companies are time-limited competitions. There are many CTFs however that are online 24/7 that can be used as practice and learning tools. Here are some that I found to be friendly for beginners.

https://ctflearn.com - A collection of various user-submitted challenges aimed towards newcomers

https://overthewire.org/wargames/ - A series of progressively more difficult pwn-style challenges. (Start with the bandit series)

https://2018game.picoctf.com/ - Yearly time-limited CTF now available to use as practice

Conclusion

CTF is a great hobby for those interested in problem-solving and/or cyber security. The community is always welcoming and it can be a lot of fun tackling challenges with friends.

Thank you for reading!
Happy Hacking ☠️

Listen to my favorite Lofi music Tracks
https://www.youtube.com/watch?v=_C12AC2Cxn8

Ask Cyber Security related question on
https://discourse.heeraj.com/

Join my telegram Group to know about latest Ethical hacking news and tools more than 270 members I have big plans for you .....
Join Now
https://t.me/infosecbugbounty

How to Protect Yourself Against Phishing Pages ?

Kiran Sethumadhavan — Sun, 22 Aug 2021 02:58:47 +0000

phishing is an equal opportunity threat, capable of showing up on desktops, laptops, tablets, and smartphones. Most Internet browsers have ways to check if a link is safe, but the first line of defence against phishing is your judgement.

Train yourself to recognize the signs of phishing and try to practice safe computing whenever you check your email, read Facebook posts, or play your favourite online game.

Once again, here are a few of the most important practices to keep you safe:

• Don't open e-mails from senders you are not familiar with.

• Don't ever click on a link inside of an e-mail unless you know exactly where it is going.

• To layer that protection, if you get an e-mail from a source you are unsure of, navigate to the provided link manually by entering the legitimate website address into your browser.

• Lookout for the digital certificate of a website.

• If you are asked to provide sensitive information, check that the URL of the page starts with “HTTPS” instead of just “HTTP.” The “S” stands for “secure.”It's not a guarantee that a site is legitimate, but most legitimate sites use HTTPS because it's more secure. HTTP sites, even legitimate ones, are vulnerable to hackers.

• If you suspect an e-mail isn't legitimate, take a name or some text from the message and put it into a search engine to see if any known phishing attacks exist using the same methods.

• Mouse over the link to see if it's a legitimate link.

As always, we recommend using some sort of anti-malware security software. Most cybersecurity tools can detect when a link or an attachment isn't what it seems, so even if you fall for a clever phishing attempt, you won't end up sharing your info with the wrong people.

All Malwarebytes premium security products provide robust protection against phishing. They can detect fraudulent sites and stop you from opening them, even if you're convinced they're legitimate. You can even try Malwarebytes free before you buy.

So stay vigilant, take precautions, and look out for anything phishy.

Ask Cyber Security related question on
https://discourse.heeraj.com/

Join my telegram Group to know about latest Ethical hacking news and tools more than 300 members I have big plans for you .....
Join Now
https://t.me/infosecbugbounty

How to install nuclei in any linux ☠️

Kiran Sethumadhavan — Tue, 03 Aug 2021 04:55:30 +0000

Nuclei is a fast and customisable web vulnerability scanner which will help you getting in low hanging web vulnerability

First we need to install Go

I always install my tools in /opt folder in linux . Its not neccessary you can clone the repo anywhere .
git clone https://github.com/projectdiscovery/nuclei.git

cd nuclei/v2/cmd/nuclei/

go build .

now we have to move the file to bin folder so that we can access nuclei from anywhere
mv nuclei /usr/local/bin/

Now we are ready to roll

Happy Hacking ☠️

Listen to my favorite Lofi music Tracks
https://www.youtube.com/watch?v=_C12AC2Cxn8

The most common myths about anonymity on the Internet

Kiran Sethumadhavan — Wed, 14 Jul 2021 18:36:15 +0000

Browser and its TOR network

It is considered a good tool for anonymity.

When using this network and the browser, encrypted traffic passes through a chain of proxy servers that are independent of each other. It changes regularly and new proxies are used. Many people think that identifying the user and his data is unrealistic.

But this is not the case. First, the last server sees the traffic in an unencrypted form. Secondly, the hardware of the computer, Canvas Fingerprint and other things are monitored. So yes, Thor enhances anonymity, but it is not a panacea.

The next misconception is that the history of my requests is stored only by my browser and I can easily delete it.

No, any search engine stores and remembers your queries. Has it ever happened that you google some product, and then you are haunted by its advertising? This is it. Google remembered what you were looking for and took advantage of it.

The third myth is that I will turn on the proxy and be anonymous.

First, the ISP sees that you are connecting to a specific proxy server. Therefore, if you are interested, it will not be difficult to track you. And if you don't connect, the provider will initially know and store your entire history of page visits, even if you later delete it from your computer.

Fourth myth. Do you think that if you do not indicate your real name and surname on the Internet, no one will get to them? The answer is no.

For example, many services now require a mobile phone number. And already on it it is not difficult to track you. You will say that the SIM is not registered in your name.

But your phone number is kept in the contacts of your friends, acquaintances and relatives. Some of them have you signed by name and surname. Mom has you signed as "Son". And at least one of your contacts has a phone book synchronization with Google. Do you understand the connection?

Well, the fifth myth is that if you turn off the geolocation in the smartphone, then they will not be able to track my location.

First, you can still be tracked by your phone number with your mobile operator.
Secondly, you can be easily tracked over the Wi-Fi network to which you connect.
Well, and so on) In general, using a smartphone, you can forget about complete anonymity, unless you turn off all the functions there that make it a smartphone.

Such things, guys. So be careful on the Internet.

Do you want to Kick-start a career in Cyber Security and want to know how hackers hack in real life ☠️☠️

Join Now and support !!!
275+ Members already Joined

https://t.me/infosecbugbounty

Have doubts in your mind hackers ?ask your doubts related to cybersecurity Now !!!!!!
https://discourse.heeraj.com/

Difference between TCP and UDP

Kiran Sethumadhavan — Sat, 26 Jun 2021 15:59:45 +0000

Transmission Control Protocol (TCP)
Transmission Control Protocol (TCP) is connection-oriented, meaning once a connection has been established, data can be transmitted in two directions. TCP has built-in systems to check for errors and to guarantee data will be delivered in the order it was sent, making it the perfect protocol for transferring information like still images, data files, and web pages.
But while TCP is instinctively reliable, its feedback mechanisms also result in a larger overhead, translating to greater use of the available bandwidth on your network.

User Datagram Protocol (UDP)
User Datagram Protocol (UDP) is a simpler, connectionless Internet protocol wherein error-checking and recovery services are not required. With UDP, there is no overhead for opening a connection, maintaining a connection, or terminating a connection; data is continuously sent to the recipient, whether or not they receive it.
Although UDP isn’t ideal for sending an email, viewing a webpage, or downloading a file, it is largely preferred for real-time communications like broadcast or multitasks network transmission.

Differences between TCP and UDP

TCP is a connection-oriented protocol, whereas UDP is a connectionless protocol.
The speed for TCP is slower while the speed of UDP is faster.
TCP uses handshake protocols like SYN, SYN-ACK, ACK while UDP uses no handshake protocols.
TCP does error checking and also makes error recovery, on the other hand, UDP performs error checking, but it discards erroneous packets.
TCP has acknowledgment segments, but UDP does not have any acknowledgment segments.
TCP is heavy-weight, and UDP is lightweight.
TCP vs UDP Speed
The reason for UDP’s superior speed over TCP is that its non-existent ‘acknowledgment’ supports a continuous packet stream. Since a TCP connection always acknowledges a set of packets (whether or not the connection is totally reliable), retransmission must occur for every negative acknowledgment where a data packet has been lost.
But because UDP avoids the unnecessary overheads of TCP transport, it’s incredibly efficient in terms of bandwidth, and much less demanding of poor-performing networks, as well.

Do you want to Kick-start a career in Cyber Security and want to know how hackers hack in real life ☠️☠️

Join Now and support !!!
250+ Members already Joined

https://t.me/infosecbugbounty

Top 10 Chrome Extensions for Web Developers 🚀🚀

Kiran Sethumadhavan — Thu, 22 Apr 2021 06:16:04 +0000

Have doubts in your mind hackers ?ask your doubts related to cybersecurity Now !!!!!!

https://discourse.heeraj.com/

Listen to my favorite Lofi music Tracks
https://www.youtube.com/watch?v=_C12AC2Cxn8

Colorzilla

ColorZilla is a css tool from which you can get a color reading from any point in your browser, quickly adjust this color and paste it into another program. And it can do so much more..

LighHouse

Lighthouse is an open-source, automated tool for improving the performance, quality, and correctness of your web apps.

When auditing a page, Lighthouse runs a barrage of tests against the page, and then generates a report on how well the page did. From here you can use the failing tests as indicators on what you can do to improve your app.

Wappalyzer

Wappalyzer is a technology profiler that shows you what websites are built with. Find out what CMS a website is using, as well as any framework, ecommerce platform, JavaScript libraries and many more.

Wappalyzer is more than a CMS detector or framework detector: it uncovers more than a thousand technologies in dozens of categories such as programming languages, analytics, marketing tools, payment processors, CRM, CDN and others.

FakeFiller

Fake Filler is the form filler to fill all input fields on a page with randomly generated fake data. This productivity-boosting extension is a must for developers and testers who work with forms as it eliminates the need for manually entering values in fields.

CSS Viewer

CSSViewer is a simple CSS properties viewer originally made by Nicolas Huon as a FireFox add-on (2006-2008).

Json Viewer

The most beautiful and customizable JSON/JSONP highlighter that your eyes have ever seen. It is a Chrome extension for printing JSON and JSONP.

React Developer Tools

Adds React debugging tools to the Chrome Developer Tools. React Developer Tools is a Chrome DevTools extension for the open-source React JavaScript library. It allows you to inspect the React component hierarchies in the Chrome Developer Tools.

WhatFont

The easiest way to identify fonts on web pages. Firebug and Webkit Inspector are easy enough to use for developers. However, for others, this should not be necessary. With this extension, you could inspect web fonts by just hovering on them. It is that simple and elegant. It also detects the services used for serving the web fonts. Supports Typekit and Google Font API.

Redux Dev Tools

Redux DevTools for debugging application's state changes.
The extension provides power-ups for your Redux development workflow. Apart from Redux, it can be used with any other architectures which handle the state.

Open in Vscode

Open Github and Gitlab links in VSCode. Just right click on any link to a file and select "Open in VSCode". You can also click on line links to open the file to the specific file.

Do you want to Kick-start a career in Cyber Security and want to know how hackers hack in real life ☠️☠️

Join Now and support !!!
275+ Members already Joined

https://t.me/infosecbugbounty

Top 10 AI projects for Resume

Kiran Sethumadhavan — Tue, 20 Apr 2021 11:14:49 +0000

1 Jarvis AI

2 Face Recognition + Attendence

3 Personal AI Trainer

4 Write in air

5 Car Detection

6 Stock Detection

7 Distance Detection

8 Object Detection

9 Hand Tracking

10 Ball Tracker

Do you want to Kick-start a career in Cyber Security and want to know how hackers hack in real life ☠️☠️

Join Now and support us !!!
200+ Members already Joined

https://t.me/infosecbugbounty

Top 10 React projects for Resume 🚀🚀

Kiran Sethumadhavan — Sun, 18 Apr 2021 15:30:15 +0000

Facebook Clone

Instagram Clone
Whatsapp Clone
Linkedin Clone
Amazon Clone
Spotify Clone
Netflix Clone
Hotstar + Disney Clone
Google Drive clone
Signal Clone

Do you want to Kick-start a career in Cyber Security and want to know how hackers hack in real life ☠️☠️

Join Now 200+ Members already Joined

https://t.me/infosecbugbounty