DEV Community

Rijul Rajesh
Rijul Rajesh

Posted on

Top 3 Easy to Use Cybersecurity Tools You Can Run in Your Terminal

You don’t need expensive hardware or enterprise dashboards to start learning cybersecurity. With just your terminal and a few free tools, you can scan, test, and analyze systems in the same way professionals do.

The best part is there are practice websites made for this exact purpose so you can learn without worrying about legality.

Let’s go step by step with three beginner friendly tools: Nmap, Nikto, and Tcpdump.

1. Nmap

Nmap (Network Mapper) scans machines for open ports and services.

Installation

On Linux (Debian/Ubuntu):

sudo apt update
sudo apt install nmap
Enter fullscreen mode Exit fullscreen mode

On macOS (with Homebrew):

brew install nmap
Enter fullscreen mode Exit fullscreen mode

Example: Scan a test website

Use the official Nmap test server:

nmap scanme.nmap.org
Enter fullscreen mode Exit fullscreen mode

Sample output (shortened):

Starting Nmap 7.80 ( https://nmap.org ) at 2025-09-08 00:00 IST
Nmap scan report for scanme.nmap.org (45.33.32.156)
PORT     STATE    SERVICE
22/tcp   open     ssh
80/tcp   open     http
9929/tcp open     nping-echo
Enter fullscreen mode Exit fullscreen mode

You can also check service versions:

nmap -sV scanme.nmap.org
Enter fullscreen mode Exit fullscreen mode

2. Nikto

Nikto is a web vulnerability scanner. It automatically checks for outdated software and common misconfigurations.

Installation

On Linux (Debian/Ubuntu):

sudo apt update
sudo apt install nikto
Enter fullscreen mode Exit fullscreen mode

On macOS:

brew install nikto
Enter fullscreen mode Exit fullscreen mode

Example: Scan a vulnerable web app

Try it against Acunetix’s test site:

nikto -h http://testphp.vulnweb.com
Enter fullscreen mode Exit fullscreen mode

Sample output (shortened):

- Nikto v2.5.0
- Target IP:  195.35.123.188
- Target Hostname: testphp.vulnweb.com
+ Server: Apache/2.2.8
+ The X-XSS-Protection header is not defined
+ The X-Frame-Options header is not present
+ Entry found: /admin/
Enter fullscreen mode Exit fullscreen mode

This tells you the server is missing security headers and even exposes an /admin page.

3. Tcpdump

Tcpdump captures network traffic and shows it live in your terminal.

Installation

On Linux (Debian/Ubuntu):

sudo apt update
sudo apt install tcpdump
Enter fullscreen mode Exit fullscreen mode

On macOS:

brew install tcpdump
Enter fullscreen mode Exit fullscreen mode

Example: Monitor traffic while visiting a test site

Run:

sudo tcpdump -i eth0 host testphp.vulnweb.com
Enter fullscreen mode Exit fullscreen mode

Now open http://testphp.vulnweb.com in your browser. Tcpdump will log the packets:

Sample output (shortened):

12:00:05 IP your-ip.50544 > testphp.vulnweb.com.http: Flags [S], seq 12345, win 65535
12:00:05 IP testphp.vulnweb.com.http > your-ip.50544: Flags [S.], ack 12346
12:00:05 IP your-ip.50544 > testphp.vulnweb.com.http: Flags [.], ack 67890
Enter fullscreen mode Exit fullscreen mode

This shows the TCP handshake and HTTP request flow.

Final Thoughts

By combining Nmap, Nikto, and Tcpdump you get a starter toolkit for cybersecurity exploration:

  • Nmap maps out open ports and services.
  • Nikto checks for common web vulnerabilities.
  • Tcpdump lets you watch raw traffic in real time.

All of these run directly in your terminal, are free, and can be practiced safely on scanme.nmap.org and testphp.vulnweb.com.

Try them out today and you’ll see that cybersecurity is much more approachable than it first appears.

If you're a software developer who enjoys exploring different technologies and techniques like this one, check out LiveReview.

LiveReview delivers high-quality feedback on your PRs/MRs within minutes.
It saves hours per review by providing fast, automated first-pass insights. This helps both junior and senior engineers move faster.

If you're tired of waiting on peer reviews or unsure about the quality of feedback you'll receive, LiveReview is here to help.

Top comments (0)