You don’t need expensive hardware or enterprise dashboards to start learning cybersecurity. With just your terminal and a few free tools, you can scan, test, and analyze systems in the same way professionals do.
The best part is there are practice websites made for this exact purpose so you can learn without worrying about legality.
Let’s go step by step with three beginner friendly tools: Nmap, Nikto, and Tcpdump.
1. Nmap
Nmap (Network Mapper) scans machines for open ports and services.
Installation
On Linux (Debian/Ubuntu):
sudo apt update
sudo apt install nmap
On macOS (with Homebrew):
brew install nmap
Example: Scan a test website
Use the official Nmap test server:
nmap scanme.nmap.org
Sample output (shortened):
Starting Nmap 7.80 ( https://nmap.org ) at 2025-09-08 00:00 IST
Nmap scan report for scanme.nmap.org (45.33.32.156)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
9929/tcp open nping-echo
You can also check service versions:
nmap -sV scanme.nmap.org
2. Nikto
Nikto is a web vulnerability scanner. It automatically checks for outdated software and common misconfigurations.
Installation
On Linux (Debian/Ubuntu):
sudo apt update
sudo apt install nikto
On macOS:
brew install nikto
Example: Scan a vulnerable web app
Try it against Acunetix’s test site:
nikto -h http://testphp.vulnweb.com
Sample output (shortened):
- Nikto v2.5.0
- Target IP: 195.35.123.188
- Target Hostname: testphp.vulnweb.com
+ Server: Apache/2.2.8
+ The X-XSS-Protection header is not defined
+ The X-Frame-Options header is not present
+ Entry found: /admin/
This tells you the server is missing security headers and even exposes an /admin page.
3. Tcpdump
Tcpdump captures network traffic and shows it live in your terminal.
Installation
On Linux (Debian/Ubuntu):
sudo apt update
sudo apt install tcpdump
On macOS:
brew install tcpdump
Example: Monitor traffic while visiting a test site
Run:
sudo tcpdump -i eth0 host testphp.vulnweb.com
Now open http://testphp.vulnweb.com in your browser. Tcpdump will log the packets:
Sample output (shortened):
12:00:05 IP your-ip.50544 > testphp.vulnweb.com.http: Flags [S], seq 12345, win 65535
12:00:05 IP testphp.vulnweb.com.http > your-ip.50544: Flags [S.], ack 12346
12:00:05 IP your-ip.50544 > testphp.vulnweb.com.http: Flags [.], ack 67890
This shows the TCP handshake and HTTP request flow.
Final Thoughts
By combining Nmap, Nikto, and Tcpdump you get a starter toolkit for cybersecurity exploration:
- Nmap maps out open ports and services.
- Nikto checks for common web vulnerabilities.
- Tcpdump lets you watch raw traffic in real time.
All of these run directly in your terminal, are free, and can be practiced safely on scanme.nmap.org and testphp.vulnweb.com.
Try them out today and you’ll see that cybersecurity is much more approachable than it first appears.
If you're a software developer who enjoys exploring different technologies and techniques like this one, check out LiveReview.
LiveReview delivers high-quality feedback on your PRs/MRs within minutes.
It saves hours per review by providing fast, automated first-pass insights. This helps both junior and senior engineers move faster.
If you're tired of waiting on peer reviews or unsure about the quality of feedback you'll receive, LiveReview is here to help.
Top comments (0)