Starting My Cybersecurity Journey
Zero Day - Why I created this website
I am currently transitioning into my second year of university as a cybersecurity student. I created this website as a place to document my learning, track my progress, and share the challenges (and small wins) I encounter along the way.
Why a Website?
To be honest, I wasn’t totally sure why I needed a personal website at first. It just felt like a good idea. But as I started thinking about it more, I realised it could be:
A home for my personal projects
A place to write about what I'm learning
A way to show others what I've done and what I'm interested in doing
A personal log of how I've grown and developed over time
I’m hoping it becomes something useful for me—and maybe even helpful to others starting their own cybersecurity path.
What to Expect
This blog will cover:
Short writeups on CTFs and labs I complete
Notes on tools I’m learning (Burp Suite, Nmap, Wireshark, etc.)
Reflections on what’s difficult, what’s working, and where I want to go
Occasional rants and sarcastic comments when software doesn't work
Blog Post #1: Learning Nmap - Covert operations
Surface level
If you're new to cybersecurity like I am, one of the first tools you’ll hear about is Nmap—short for "Network Mapper." It’s a command-line tool used for discovering hosts and services on a network. Basically, it tells you what’s out there.
This week, I decided to properly dive into it—not just running random commands, but actually learning what it's doing under the hood.
🧠 What Nmap Does
In simple terms, Nmap:
Scans IP addresses to see what hosts are alive
Detects open ports
Tries to identify the services running on those ports
Can even guess the operating system in some cases
🧪 First Test: Scanning a Testbox
I used a TryHackMe room with a target box for practice. Here's the first command I ran:
"nmap -sS -p- -T4 10.10.10.10"
Let me break it down:
-sS: SYN scan (stealthy + fast)
-p-: Scan all 65535 ports, not just the common ones
-T4: Timing option (speeds things up a bit)
10.10.10.10: Target IP address
What I Found:
Nmap came back with a few interesting open ports:
Port 22: SSH
Port 80: HTTP
Port 3306: MySQL
From there, I reran the scan with version detection:
"nmap -sV -p 22,80,3306 10.10.10.10"
Results:
SSH: OpenSSH 7.9p1
HTTP: Apache 2.4.29
MySQL: MySQL 5.7.28
🛠️ Lessons I Learned
Nmap isn’t just “scan and forget” – it’s about asking better questions. Start broad, then focus.
Timing matters – -T4 worked fine here, but slower settings like -T2 are better for stealth.
Scan all ports! – Some services hide on higher ports. Always run -p- at least once.
Use the output – The real power comes after the scan. Nmap is a map, not the destination.
⏭️ What’s Next
Try the -A option (aggressive scan) and compare results
Experiment with nmap -O for OS detection
Scan my local network (safely!) and see what’s running
I’ll likely revisit this tool again and again. For now, Nmap feels like the binoculars you use before entering the building. You don’t break in—you first observe.
🔍 Nmap Cheat Sheet – For Beginners in Cybersecurity
📦 Basic Scan
nmap <target>
🔍 Port Scanning Options
nmap -p- <target>
⚡ Scan Types
nmap -sS <target> (SYN scan; default)
nmap -sT <target> (TCP connect scan; no raw packet priveleges needed)
nmap -sU <target> (UDP scan; for UDP services)
🔧 Service & Version Detection
nmap -sV <target> (Detect service versions on running open ports)
🧠 OS Detection
nmap -O <target>
🎯 Aggressive Scan
nmap -A <target>
⏱️ Timing & Performance
nmap -T4 <target>
Timing template:
T0 (Paranoid)
T1 (Sneaky)
T2 (Polite)
T3 (Normal)
T4 (Aggressive)
T5 (Insane)
📂 Save Output
nmap -oN output.txt <target> (normal text output)
nmap -oX output.xml <target> (XML output)
🧰 Common Combos
nmap -sS -p- -T4 <target> (Fast and stealthy port scan)
nmap -sV -p 22,80,443 <target> (Version detection on specific ports
nmap -A -T3 <target> (Aggressive scan with normal timing)