Hi, I'm Serhat Sönmez

I am a Senior Solution Architect with over 11 years of experience in IT, specializing in software development, DevOps, Linux system administration, and cybersecurity.

As a Solution Architect, I have designed and implemented scalable and efficient IT systems that align with organizational objectives. My role entails analyzing business requirements, defining technical strategies, and ensuring seamless integration of solutions across diverse platforms, leveraging my comprehensive expertise to deliver measurable value.

As a software developer and team leader, I have successfully delivered numerous enterprise-level solutions for various organizations. My responsibilities encompass managing the entire software development lifecycle—from initial planning to final deployment. I have overseen critical aspects, including project architecture, database design, coding, testing, deployment, server and infrastructure management, and the implementation of CI/CD pipelines.

As a Linux system administrator, I have proficiently maintained and optimized server infrastructures to guarantee reliability, security, and optimal performance. My duties have included configuring and troubleshooting Linux environments, establishing robust backup and recovery protocols, and proactively mitigating security risks.

As an IT trainer and consultant, I have delivered in-depth training and guidance on a range of technologies, with a focus on software languages and frameworks, Linux administration, and cybersecurity practices, enabling teams to enhance their technical proficiency.

At present, I am actively engaged in strategic partnerships with organizations, providing expert consultancy and technical leadership across multifaceted projects.

Areas of Expertise

Software Development
Linux System Administration
Project Architecture Design
Software Team Leading
Cybersecurity
Project Management
DevOps and CI/CD Operations
Open-source Support
Training
Agile Methodologies

skills

- soft skills -

  • Curiosity
  • I'm always excited to learn about new technologies and keep up with the latest advancements in the field.
  • Organizational Skills
  • I'm good at staying organized and working smoothly within Agile methodologies to make projects more efficient.
  • Adaptability
  • I'm eager to take on new challenges and can easily adjust to different work situations, showing resilience in dynamic environments.
  • Algorithmic Thinking
  • I'm really good at working with algorithms and enjoy solving complex problems, which helps create effective and optimized solutions.
  • Documentation Enthusiast
  • I understand the importance of both reading and writing documentation, recognizing how it improves communication and project clarity.
  • Problem-Solving Dedication
  • I'm committed to thoroughly solving problems, making sure not to leave any issue unresolved until a suitable solution is found.
  • Leadership Skills
  • Capable of providing effective leadership within a team or project, guiding and motivating team members toward common goals.
  • Decision-Making Ability
  • Comfortable in uncertain situations, able to make quick and informed decisions to keep projects moving forward.

- technical skills -

  • Software Development
  • I know how to create software from start to finish, using languages like C#, Python, and .NET Core. This involves writing clean and efficient code, testing it thoroughly, and getting it ready to be used. I work well with teams to deliver high-quality software.
  • Linux System Administration
  • Good at handling Linux systems, making sure they run smoothly and stay secure. This includes managing user accounts, setting up system resources, keeping things secure, and fixing problems when they pop up. I focus on making sure the Linux environment is strong and dependable.
  • Project Architecture
  • I've got experience in designing solid project structures that can grow and work well. This includes organizing systems, choosing the right technologies, and planning how the software project will be put together. I make sure the architecture makes it easy to expand, maintain, and collaborate with other teams.
  • Team Leading
  • I'm good at leading software development teams. This means creating a positive team environment, giving out tasks effectively, and helping team members grow. I make sure everyone is on the same page and working towards the project's goals.
  • Cybersecurity
  • I specialize in keeping software secure. This involves making sure the code is written in a way that protects against cyber threats. I stay updated on the latest security trends to keep our systems safe.
  • DevOps
  • I'm skilled in DevOps practices, which means I focus on making collaboration between development and operations teams smoother. I automate deployment processes and optimize workflows to make sure everything runs efficiently.

software

  • C#
  • Python
  • JavaScript
  • Go
  • SQL
  • Bash & Shell

web

  • HTML & CSS
  • .NET Core
  • Django
  • Flask
  • jQuery
  • ELK Stack

system

  • Linux Management
  • Virtualization
  • Server Security
  • Network Management
  • Disk Configuration
  • Automation & Scripting

database

  • PostgreSQL
  • Microsoft SQL Server
  • MongoDB
  • Redis
  • SQLite
  • Elasticsearch

devops

  • Docker
  • Docker Swarm
  • Kubernetes
  • Jenkins
  • Gitlab CI/CD

cloud

  • Amazon Web Service
  • Google Cloud
  • Hetzner Cloud
  • Cloudflare
  • Digital Ocean
  • Linode

architecture

  • Microservice Arch.
  • Serverless Arch.
  • Clean Code
  • SOLID
  • DDD-TDD
  • DRY-KISS-YAGNI

others

  • Git
  • Web Scraping
  • Data Analysis
  • Agile Methodologies

electronics

  • Electronics Basics
  • Microcontrollers
  • Arduino
  • Raspberry Pi

career

- jobs -

Fiverr & Upwork
Jan 2023 - Present
company website
company website
Software Dev. & Linux SysAdmin
As a freelance, I specialize in providing solutions to address users’ server-related challenges. I offer comprehensive support to clients throughout the software development lifecycle. I also possess expertise in the installation and maintenance of numerous open-source programs, ensuring seamless functionality and ongoing system optimization.
Arenpi
Jan 2021 - Present
company website
Co-Founder & Software Team Lead
I'm the co-founder and the software team lead of Arenpi Company which provides subscribe based marketplace web application for 3D model designers.
Seccops
Dec 2018 - Present
company website
Project Manager & Software Team Lead
I'm working as a software team lead for many security development projects, including CyberThInt (Cyber Threat Intelligence) at Seccops which provides cyber security services.
Bicisim
June 2018 - Jan 2021
company website
Co-Founder & Software Team Lead
I was the co-founder and the software team lead of Bicisim Company which provides dropshipping e-commerce model in 3D sector.
SmartPro Academy
Jan 2017 - Jan 2019
company website
Software Trainer
I was giving software lectures in there. Some of them;
  • Desktop App Development with C#,
  • Web App Development with ASP.NET,
  • Development with Python
Eczacıbaşı Bilişim
Oct 2017 - June 2018
company website
Sr. Software Developer & Security Researcher
I worked in the Cyber Security Team to develop new additions to Deffansive Security Programs. Additionally, I used AlienVault SIEM as the primary deffansive security tool. Moreover, there were the other security tools which I used and developed plug-ins on them, such as; Netsparker, Nessus, Acunetix, many OSINTs etc.
Kurumsal Ticaret
Jan 2016 - Oct 2017
company website
Software Developer
I worked at here as web developer. I ran a lot of projects as back-end developer and gave software support to important companies, such as Coca Cola Inc., Akel Lojistik, Plan Teknik etc.
Codehane & Freelance
Jan 2014 - June 2018
company website
Software Developer & Project Manager
Many years in my IT career, I prefer to work as a freelancer. After years of work, I decided to set up a formation named Codehane with another freelancer who'd had different knowledge in the IT sector.

- trainings & lectures -

2021
lecture link
Python for Hackers
Türk Telekom
2021
lecture link
Introduction to Programming with Python
Türk Telekom
2021
lecture link
Arduino 101
Yıldız Technical University
2019
lecture link
Introduction to Arduino
Yıldız Technical University
2019
lecture link
Arduino Training
Akademik Bilişim
2018
lecture link
Developing with Python
Linux Summer Camp
2018
lecture link
Introduction to Arduino
Kultur University
2018
lecture link
Arduino Training
Akademik Bilişim
2017
lecture link
Development and Software Security
Eczacıbaşı - MOS Turkey
2017
lecture link
ASP.NET Training
SmartPro Academy
2017
lecture link
Arduino Training
Akademik Bilişim
2017
lecture link
Arduino Training
Yıldız Technical University
2016
lecture link
ASP.NET Training
SmartPro Academy
2016
lecture link
Arduino Training
Adakemik Bilişim

- education -

2018 - 2022
(Finished)
Anadolu University
BBA, Management Information Systems
2015 - 2017
(Drop out)
Yıldız Technical University
BE, Electronics and Communications Engieering
2014 - 2016
(Finished)
Istanbul University
AD, Medical Imagining Techniques
2009 - 2013
(Drop out)
Dicle University
MBBS, Medical Science
2005 - 2009
(Finished)
Cumhuriyet Fen Lisesi
High School

projects

- enterprise projects -

Alkebulan Meta 2022 - Current Alkebulan Meta is Web3 app and accessible to all consumers.
⚐ Role: Software Developer & Linux System Admin
⚐ Project Description: AlkebulanMeta is a Web3-powered cooperative learning platform centered on STEM and the Arts, aiming to enhance personal and community development. It utilizes blockchain technology to issue an "OnWeb3-Passport," an NFT that grants users access to educational resources, community engagement, and events within its 3D metaverse environment. The platform's mission emphasizes building a vibrant educational ecosystem that integrates cultural heritage with modern technological advancements.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Open-Source Apps Administration
  • Blockchain Development
  • Authoritative DNS Server Management
  • Web3-Based Application Development
  • Cryptocurrency Development
⚐ Technical Points:
  • Python / Flask
  • HTML / CSS / JS / JQuery / Bootstrap
  • Postgresql / MongoDB / Redis
  • Nginx with Let's Encrypt SSL
  • Hetzner Robot / Linode / Contabo
  • Proxmox VE (Server Virtualization)
  • NocoDB / Taiga / Umami / Tailscale / PowerDNS
  • Keycloak SSO (Single Sing-On App)
  • Web-based Magazine using PDF.js
  • Docker Containerization
  • Solana Contracts and NFTs
  • Handshake Domains (HNS)
Bärwinkel & Straßer GmbH 2023 - Current This project is about server/network management and restricted to organization use only.
⚐ Role: Linux System Admin
⚐ Project Description: For Baerwinkel Strasser, I manage server administration, deploying and maintaining essential systems through Proxmox. Key applications include a database, firewall, password manager, web server, DHCP server, and other open-source solutions. I handle all aspects of setup, maintenance, and security, ensuring these tools are configured to meet user needs. Additionally, I configured network settings and internal server connections, optimizing the infrastructure to enhance company-wide access and functionality. My work supports a secure, well-organized, and efficient server environment tailored to the company's operational requirements.
⚐ Responsibilities:
  • Server and DevOps Management
  • Network Management
  • Server and Network Topography Design
  • Network and Server Security
  • Open-Source Apps Administration
  • Script Development
⚐ Technical Points:
  • Proxmox VE (Server Virtualization)
  • OPNsense
  • Hetzner Robot
  • NAT / VLAN / Routing / Hetzner vSwitch
  • Docker Containerization
  • Nginx Proxy Manager
  • Tailscale VPN
  • Python scripting
  • NocoDB / Passbolt / Psono / ErpNext
Arenpi 2021 - Current Arenpi is B2C app and accessible to all consumers.
⚐ Role: Co-Founder & Software Team Lead
⚐ Project Description: Arenpi.com is a subscription-based marketplace designed for 3D model designers to showcase and monetize their work. Designers upload their models, set up subscription plans, and receive recurring payments through Stripe integration. Users can browse, preview, and subscribe to access exclusive 3D content. The platform is built with a scalable backend and frontend to support high traffic, using Docker containerization and AWS infrastructure for reliable performance and data security.
⚐ Responsibilities:
  • Software Team Leadership
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
  • Team Collaboration Infrastructure Management
⚐ Technical Points:
  • C# / .NET Core
  • Python / Flask
  • HTML / CSS / JS / JQuery / Bootstrap
  • Postgresql / MSSQL / Redis
  • Nginx with Let's Encrypt SSL
  • AWS S3 / AWS EC2 / AWS Lightsail
  • API Integration
  • Docker Containerization
  • Stripe Payment Integration
  • Mail and SMS Notifications
Cyber Threat Intelligence Program 2019 - Current Cyberthint is B2B app and restricted to business use only.
⚐ Role: Software Team Lead
⚐ Project Description: Cyberthint is a unified cyber threat intelligence platform that helps businesses identify, monitor, and mitigate digital risks. It combines Cyber Threat Intelligence (CTI) and Digital Risk Protection (DRP) to detect brand impersonation, data leaks, and exposed attack surfaces. The platform leverages AI to provide threat feeds, monitors for data breaches, and integrates seamlessly with security tools. Users also benefit from real-time alerts and expert analyst support to proactively manage threats.
⚐ Responsibilities:
  • Software Team Leadership
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
  • Team Collaboration Infrastructure Management
⚐ Technical Points:
  • C# / .NET Core
  • Python / Flask
  • HTML / CSS / JS / JQuery / Bootstrap
  • Postgresql / MSSQL / Redis / MongoDB / ELK
  • Nginx with Let's Encrypt SSL
  • Hetzner Cloud & Google Cloud
  • Docker Containerization
  • Microservice Architecture Design
  • Web Scraping and Crawling
  • API Integration
  • File Parsing and Scanning
  • Mail and SMS Notifications
Bicisim 2018 - 2021 Bicisim is inactive at the moment and not being developed.
⚐ Role: Co-Founder & Software Team Lead
⚐ Project Description: Bicisim is a professional 3D production network that offers on-demand part manufacturing using advanced printing technologies like FDM, SLA, and MJF. Users can upload their STL files to receive instant pricing through a fast pricing engine and proceed with production within minutes. The platform ensures quality by collaborating with a network of over 30+ production partners, offering confidentiality agreements and expert support to verify model suitability for 3D printing. Bicisim caters to various industries, providing quick and reliable manufacturing solutions.
⚐ Responsibilities:
  • Software Team Leadership
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
  • Team Collaboration Infrastructure Management
⚐ Technical Points:
  • C# / .NET Core
  • Python / Flask
  • HTML / CSS / JS / JQuery / Bootstrap
  • Postgresql / MSSQL / Redis
  • Nginx with Let's Encrypt SSL
  • AWS S3 / AWS EC2 / AWS Lightsail
  • Docker Containerization
  • API Integration
  • STL File Analyzing
  • Mail and SMS Notifications
Sima CRM 2018 - 2019 This application is not accessible from outside the organization.
⚐ Role: Full-Stack Software Developer
⚐ Project Description: "Sima CRM" is a comprehensive CRM for Sima Cephe Co. to enhance client relationship management and streamline project workflows. The system features lead tracking, task assignments, and communication tools, allowing team members to collaborate effectively. It integrates customer data and project timelines, facilitating better decision-making and improved service delivery. The CRM is built on modern web technologies, ensuring accessibility and user-friendliness, which enhances overall operational efficiency. This tailored solution supports Sima Cephe in managing client interactions more effectively.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MSSQL / Redis
Healtcare Tender Tracker 2016 - 2017 This application is not accessible from outside the organization.
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Healtcare Tender Tracker is a web application designed for health sector companies to track planned or received tenders, streamline product tracking, and automate due date calculations. Users can manage regular expenses like purchasing costs and personnel salaries, generate detailed reports, and receive these reports automatically via email. The app also facilitates depreciation calculations, helping businesses maintain accurate financial records. By enhancing operational efficiency, this tool empowers health sector organizations to make informed decisions and optimize their resources effectively.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MSSQL
Polat Fleet Tracker 2017 This application is not accessible from outside the organization. Company Website
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Polat Teknik specializes in cooling solutions, providing equipment like coolers and refrigerators to retail and commercial vendors. The application developed for Polat Teknik enables seamless tracking of these cooling units from dispatch to delivery. Each product's QR code is scanned upon vehicle loading, updating the system in real time. Delivery personnel then upload photos to confirm receipt at the destination. The platform also manages employee oversight, allowing for task assignments and ensuring accountability. This comprehensive tracking optimizes delivery verification and operational efficiency.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MSSQL
  • GPS Tracking System
  • Mobile app integration
  • Mail and SMS Notifications
Kisaltt 2017 Kisaltt is inactive at the moment and not being developed.
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Kisaltt is a URL shortening service that allows users to create short, ad-free links from longer URLs. Users simply input their desired URL, and the platform generates a compact link that redirects to the original address. The service emphasizes minimalism and user-friendliness, providing a straightforward way to share links efficiently without advertising clutter.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • MSSQL / Redis
  • Nginx with Let's Encrypt SSL
  • Digital Ocean
  • User and link statistics
Logistics Insight Platform 2016 - 2017 This application is not accessible from outside the organization. Company Website
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Logistics Insight Platform is designed for a logistics company to monitor and report on their fleet of vehicles. With integrated GPS tracking, users can view the real-time location of all vehicles on a map, gaining insights into their routes and destinations. The app also allows QR code scanning of loaded products, enabling detailed tracking of which items are assigned to each vehicle. This versatile solution enhances operational efficiency and improves logistical management, accessible from both web and mobile platforms.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MSSQL
  • GPS Tracking System
  • Mobile app integration
Ustabulur 2016 Ustabulur is inactive at the moment and not being developed. Project Archive Page
⚐ Role: Full-Stack Software Developer
⚐ Project Description: UstaBulur is a marketplace application that connects customers with local service providers across various categories, such as cleaning, repairs, and event planning. Users can request services by specifying their needs, and providers can respond with offers. The platform facilitates communication, allowing users to compare prices and reviews before making a decision. UstaBulur aims to simplify the process of finding reliable services while enabling providers to reach a wider audience.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Server and DevOps Management
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • C# / .NET Framework
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MSSQL
  • Iyzico Payment Integration
  • Realtime User Chatting
Rulomatik 2016 Rulomatik is B2C app and accessible to all consumers. rulomatik.com
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Rulomatik provides vending machines for car drying towels and similar products, typically placed in car washes and gas stations. The machines are designed to vend hygienic towels for drying vehicles, enhancing customer convenience. Users can purchase towels directly from the vending machine, which is easy to operate and helps maintain clean, reusable drying materials.
⚐ Responsibilities:
  • Project Architecture Design
  • Full-Stack Development
  • Software and Server Security
  • Database Architecture Design
⚐ Technical Points:
  • PHP
  • HTML / CSS / JS / JQuery / Bootstrap
  • Nginx with Let's Encrypt SSL
  • MySQL

- github projects -

Docker Version Parser
⚐ Project Description: The Docker Version Parser project provides a tool to parse and manage Docker version tags, allowing users to handle and organize Docker image versions efficiently. It simplifies the task of extracting and categorizing Docker image versions, making it easier to track updates, manage dependencies, and maintain version consistency across Docker environments.
⚐ Technical Points:
  • Python Scripting
  • Console Application
Rabbitgram
⚐ Project Description: Rabbitgram is a fast Instagram scraper that allows users to gather account information and download media (photos/videos) from Instagram accounts. The project requires Python and can be run from the command line with various parameters for scraping account data, such as follower counts, posts, and media. Users can also run Rabbitgram in a Docker container for easier setup and execution.
⚐ Technical Points:
  • Python Scripting
  • Web Scrapping
  • Console Application
  • Docker Containerization
Raccoon
⚐ Project Description: The Raccoon project is a Python-based web scrapping tool for downloading entire HTML pages, including CSS, JavaScript, images, and fonts, making it ideal for saving single-page HTML themes. Users specify the page URL and can define the output file name and directory for saved assets.
⚐ Technical Points:
  • Python Scripting
  • Web Scrapping
  • Console Application
Password Generator
(Chrome Extension)
⚐ Project Description: The Password Generator Extension is a Chrome extension that allows users to generate random passwords of specified lengths and character sets. Users can customize the generated strings by selecting options like uppercase, lowercase, numeric, and special characters. Once configured, the extension generates the desired string, which can be easily copied to the clipboard for use in various applications. This tool is particularly useful for creating secure passwords or unique identifiers quickly.
⚐ Technical Points:
  • HTML / CSS / JS
  • Chrome Extension
Covid-19 Statistics
(Chrome Extension)
⚐ Project Description: The COVID-19 Statistics Extension is a browser extension that provides users with real-time COVID-19 statistics directly in their browser. It retrieves up-to-date data on cases, recoveries, and deaths from reliable sources and displays them in an accessible format. Users can view global statistics or filter by country to monitor specific regions. This tool is designed for quick access to COVID-19 data without leaving the browser.
⚐ Technical Points:
  • HTML / CSS / JS
  • Chrome Extension
Tardigrade
⚐ Project Description: The Tardigrade project is a Python script designed for URL crawling and subdomain discovery. It enables users to find subdomains related to a specific domain and gather their IP addresses. The script can be run directly or via Docker, with options for verbose output and saving results to a JSON file.
⚐ Technical Points:
  • Python Scripting
  • Web Scrapping
  • Console Application
  • Docker Containerization
Cura Engine Env
⚐ Project Description: The Cura Engine Env project provides a Docker-based environment for running the CuraEngine, a slicing software used for 3D printing. It includes necessary dependencies such as Protobuf and libArcus. Users can either pull the image from Docker Hub or build it from the provided Dockerfile. The repository includes instructions for running the CuraEngine for slicing 3D models, and default printer settings are included in a designated folder.
⚐ Technical Points:
  • C++
  • Shell
  • Console Application
  • Docker Containerization
Clockify Widget
(Notion Extension)
⚐ Project Description: The Clockify Widget project for Notion integrates Clockify’s time-tracking capabilities into Notion pages, allowing users to monitor and manage their time directly within the Notion workspace. With this widget, users can view time entries and track project durations without switching applications, making it easier to manage productivity and keep a real-time record of their work hours in Clockify.
⚐ Technical Points:
  • HTML / CSS / JS
  • Notion Extension
  • GitHub Pages
Coin Status
⚐ Project Description: The Coins Status project is a real-time cryptocurrency tracking tool that displays live data on various coins. The application retrieves information such as current prices, percentage changes, and market trends, giving users an overview of the market in one place. This tool is useful for crypto enthusiasts and investors looking to monitor coin statuses conveniently.
⚐ Technical Points:
  • Python Scripting
  • Console Application

courses

#_

I offer comprehensive training programs in web infrastructure, programming, cybersecurity, and system administration, utilizing languages and frameworks such as Python, C#, .NET Core, and Linux. These courses are designed to provide in-depth technical knowledge and practical skills, reflecting my expertise in delivering structured, hands-on education for professionals and enthusiasts in the technology field.

Purpose of the Training:

The Fundamentals of Web Infrastructure training is designed for IT professionals and web developers who wish to gain a deep understanding of the core mechanisms of the internet and web technologies. This training covers a broad spectrum, from the network infrastructure that powers the web to protocols, encryption mechanisms, and modern development processes. By focusing on the technical concepts of web infrastructure and how systems operate, it provides participants with the theoretical knowledge that forms the backbone of web-based systems. Starting from the fundamental principles of the internet and extending to modern web trends, this journey equips participants with both infrastructural and operational perspectives.

Prerequisites:

There are no prerequisites for this training.

Topic List
  1. Introduction to Internet Fundamentals
    • What is the Internet and How Does it Work?
    • What is the Web?
    • History and Evolution of the Internet and Web
    • Physical Infrastructure of the Internet
    • Protocols and Their Importance
    • Who Determines Protocols?
    • Compliance of Browsers and Applications with Protocols
    • Core Concepts of the Internet
      • IP (Internet Protocol) and IP Address
      • IPv4 - IPv6
      • Private and Public IPv4
      • IP Range
      • IP Subnet and CIDR (Classless Inter-Domain Routing)
      • Port
      • Gateway
      • ARP (Address Resolution Protocol)
      • DHCP (Dynamic Host Configuration Protocol)
      • MAC (Media Access Control) Address
      • WAN (Wide Area Network)
      • LAN (Local Area Network)
      • NAT (Network Address Translation)
  2. Network Infrastructure and Communication Basics
    • OSI Model
    • TCP/IP Model
    • Differences Between UDP and TCP
    • TCP Segment Structure
    • TCP 3-Way Handshake (SYN, SYN-ACK, ACK)
    • What are TLS and SSL?
    • TLS/SSL Handshake
    • Validation Process of SSL/TLS Certificates
    • Packet Analysis with Wireshark and tcpdump
  3. Network Management and Diagnostic Tools
    • NAT and IP Management (Private, Public)
    • Network Interfaces
    • Types of Firewalls
      • Firewall Types Based on Operational Levels
      • Firewall Types Based on Architecture
      • Specialized Firewall Types Based on Purpose
    • Ping and ICMP
    • DNS Query Analysis with Host
    • DNS Query Analysis with Dig
    • Route Tracing with Traceroute/Tracert
    • Network and Port Scanning with Nmap
    • Listing Open Ports with Netstat
    • TCP/UDP Connection Testing with Telnet and Netcat
    • Network Performance Analysis with iPerf
  4. Cryptography and Encryption Mechanisms
    • Hashing
    • Symmetric Encryption
    • Asymmetric Encryption
    • RSA and Diffie-Hellman Algorithms
    • Hybrid Encryption
    • Differences Between Encryption and Signing
    • OpenPGP Protocol and GPG
    • Cryptography in Web Security
      • Use Cases of Asymmetric Encryption
      • Use Cases of Symmetric Encryption
      • Use Cases of Hash Functions
      • Use of Algorithms in TLS/SSL Handshake Process
      • Cipher Suite (Encryption Package)
      • HTTP/3 and TLS 1.3
  5. DNS (Domain Name System)
    • How DNS Works
    • Recursive DNS Resolver and Authoritative DNS Server
    • DNS Resolution Process and Local Caching
    • DNS Record Types
    • Reverse DNS (Reverse DNS) and PTR Records
    • Audit Blocking, Restriction, and Redirection via DNS
    • DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT)
    • Public DNS Services
    • DNS Security
      • How DNSSEC Works
      • Chain of Trust
      • DNSSEC Record Types
      • Cache Poisoning
    • DNS Load Balancing and Traffic Routing
      • DNS Load Balancing
      • DNS Traffic Routing
      • Advantages of DNS Load Balancing and Traffic Routing
      • DNS Load Balancing and Traffic Routing Algorithms
  6. VPN and Proxy Mechanisms
    • Definition and Core Principles of VPN
    • VPN Use Cases on the Web
    • Common VPN Protocols and Mechanisms
      • PPTP (Point-to-Point Tunneling Protocol)
      • L2TP/IPSec (Layer 2 Tunneling Protocol over IP Security)
      • OpenVPN
      • WireGuard
      • SSTP (Secure Socket Tunneling Protocol)
    • VPN Network Topologies
      • Point-to-Point
      • Site-to-Site VPN
      • Hub-and-Spoke
      • Mesh Network
    • SSH Tunneling vs VPN Comparison
    • What is a Proxy and Its Core Principles
    • Comparison of VPN and Proxy
    • Proxy Types and Their Use Cases on the Web
      • Forward Proxy
      • Reverse Proxy
      • Transparent Proxy
      • SOCKS Proxy
    • Proxy and HTTPS: Traffic Handling Mechanisms
      • Passthrough
      • Interception (SSL Inspection)
      • Tunneling
    • Performance Impacts of VPN and Proxy in Web Infrastructure
    • Anonymity with the Tor Network
  7. Fundamentals of the HTTP Protocol
    • HTTP Definition and Client-Server Architecture
      • What is HTTP?
      • What is Client-Server Architecture?
      • Role of HTTP in Client-Server Architecture
    • Evolution of HTTP: HTTP/1.1, HTTP/2, and HTTP/3
    • URL Structure and Components
    • HTTP Debugging and Analysis Tools
      • cURL (Client URL)
      • Telnet
      • ncat
      • Postman
      • Browser Developer Console
      • Burp Suite
      • Wireshark and tcpdump
    • Raw Request and Raw Response Packets
    • HTTP Methods and Use Cases
    • HTTP Status Codes and Their Meanings
    • HTTP Headers and Their Functions
    • HTTP Body and Encoding Basics
      • Which Methods Use a Body?
      • Body Types and Formats
      • Character Encoding
      • Transfer Encoding
      • URL Encoding (Special Case)
    • Cookies and Session Management
    • HTTP Caching Mechanisms
      • Types of Caching
      • Caching Headers and Their Functions
      • Caching Process
  8. Modern Web Development: Architectures, APIs, and Processes
    • Basics of Web Development and the Role of APIs
    • API Types and Design Approaches
      • REST (Representational State Transfer)
      • GraphQL
      • SOAP (Simple Object Access Protocol)
      • gRPC
      • Webhooks
    • Web Architectures: Monolithic, Microservices, and Serverless
    • Communication and Data Formats in Web Applications
      • JSON, XML, HTML, Protobuf
      • HTTP
      • WebSockets
      • Message Queues
      • Event-Driven Approaches
      • Long Polling
      • HTTP/2 Server Push
      • gRPC Streaming
      • SignalR
      • RSocket
      • Use of Communication Methods in Microservice Architecture
    • Version Control
    • DevOps and Deployment Strategies
    • Modern Web Trends
      • Jamstack: Static Sites and API Integration
      • No-Code Approaches
      • Edge Computing: API Usage at the Edge
      • Progressive Web Applications (PWA)
      • Single Page Applications (SPA)
      • WebAssembly (Wasm)
      • Web3: Decentralized Applications and APIs with Blockchain
  9. Web Management and Performance Enhancement Techniques
    • Management and Optimization of Web Servers
      • Server Operation Methods
      • Multi-Request Handling Techniques
      • Direct Serving of Static Files
      • Performance Optimization Techniques for Web Servers
      • Reverse Proxy: Definition and Use Cases
    • Performance Impacts of Modern HTTP Protocols
    • Web Data Compression Methods
      • Gzip (GNU Zip)
      • Brotli
      • WebP (Image Compression)
      • Performance Effects of Compression
      • Browser Support
    • Web Scaling Strategies
    • Fundamentals of Distributed Systems on the Web
      • Basics of Distributed Systems
      • Fault Tolerance in Distributed Systems
      • Single Point of Failure
      • Scalability and Flexibility
      • Data Distribution and Consistency
      • Coordination and Synchronization
    • CAP Theorem and BASE Consistency Model
    • Data Management in Distributed Systems
      • Managing User Data in Distributed Systems
      • Session Management in Distributed Systems
      • Database Scaling and Management in Distributed Systems
      • Consistency and Synchronization
    • Web Traffic Management and Load Balancing
      • Load Balancing in Web Requests
      • Load Balancing Algorithms
      • Traffic Routing Strategies
      • Traffic Queue Management and Rate Limiting
    • Stateless and Stateful Approaches in Web Traffic
    • Caching Mechanisms and CDN (Content Delivery Network) Usage
    • Logging and Monitoring Mechanisms
  10. Security in Web Infrastructure
    • Secure Communication and Network Security
      • HTTPS and Secure Communication
      • HSTS (HTTP Strict Transport Security) and Details
      • SSL/TLS Configuration and Optimization
      • Man-in-the-Middle (MITM) Attacks and Mitigations
      • Firewall and Web Application Firewall (WAF) Usage
      • IP Whitelisting and Blacklisting
    • Web Server Security
      • Critical Paths and Access Control
      • Traffic Management and Protection
      • Security Headers and Content Security Policy (CSP)
      • Web Server Hardening
      • Additional Security Measures
    • Web Application Security
      • Cross-Site Scripting (XSS) and Mitigations
      • SQL Injection and Protection Methods
      • Insecure Direct Object References (IDOR)
      • File Upload Security
      • Server-Side Request Forgery (SSRF)
      • Security Misconfiguration
      • Sensitive Data Exposure
      • Insufficient Logging and Monitoring
      • Combating and Bypassing Web Scraping Techniques
    • Session and User Security
      • Session Hijacking
      • Session Fixation
      • Cross-Site Request Forgery (CSRF)
      • Clickjacking
      • Broken Authentication
    • API Security
      • Broken Object Level Authorization (BOLA)
      • Broken Authentication
      • Excessive Data Exposure
      • Injection Attacks (API-Focused)
      • DDoS Attacks (Distributed Denial of Service Attacks)
    • Security Testing and Analysis
      • Core Approaches to Security Testing
      • Security Testing Methodologies and Standards
      • Post-Attack Analysis and Forensics
      • Comprehensive Elements of Security Testing and Analysis
      • Tools and Technologies
    • Risk Management in Web Security
    • Modern Web Security Standards and Approaches
      • OWASP (Open Web Application Security Project)
      • CVE (Common Vulnerabilities and Exposures)
      • CVSS (Common Vulnerability Scoring System)
      • ISO/IEC 27001
      • DevSecOps
      • Zero Trust Security Model
      • Bug Bounty Programs
      • Future Trends

Purpose of the Training

The Linux System Administration training is designed for individuals aiming to master the essentials of managing Linux systems. This course covers foundational skills such as shell usage, file and user management, and advanced topics like network configuration, process monitoring, and shell programming. Participants will gain practical knowledge to efficiently administer Linux environments, ensuring system performance, security, and automation.

Prerequisites

There are no prerequisites for this training.

Topic List
  1. Introduction
  2. Shell and Basic Commands
  3. Linux Directory Structure
  4. Shell Usage
  5. Advanced Shell Operations
  6. Text Editors
  7. User and Group Management
  8. File Permissions and Ownership
  9. Running Commands as Another User
  10. HTTP Requests and Download Files
  11. Compressing Files and Directories
  12. Package Management
  13. Process Management
  14. Disk Management
  15. Linux Services
  16. Network Management
  17. Scheduled Tasks on Linux
  18. Shell Programming

Purpose of the Training

The Programming with Python training is designed for beginners and those looking to acquire software development skills using Python. It covers a wide range, from Python’s core concepts to object-oriented programming, web scraping, and database operations. The training equips participants with theoretical knowledge and practical skills through Python’s simple syntax, providing a strong foundation for their software development journey.

Prerequisites

There are no prerequisites for this training.

Topic List
  1. Introduction to Programming with Python
    • History and Overview of Python
    • Advantages and Use Cases of Python
    • Python Installation and Development Environments
    • First Python Program: "Hello World"
  2. Python Syntax and Language Structure
    • Variables and Variable Declaration
    • Variable Naming Rules
    • Code Indentation
    • Comments
    • Basic Syntax Rules (PEPs and PEP-8)
    • Reserved Keywords in Python
    • Print Function
    • EXTRA: Python Lexical Structure
  3. Data Types and Structures - Introduction
    • Overview of Data Types
    • Variable Assignment and Dynamic Typing
    • Introduction to Type Checking and Conversion
  4. Memory Usage in Python
    • Everything is "First Class"
    • Mutable vs. Immutable Objects
    • Python Referencing Background
    • Memory Optimization in Python Implementation
    • Caching Small Integer Values
    • String Interning
  5. Data Types - Numeric Types
    • Integers and Their Properties
    • Floats and Precision
    • Arithmetic and Assignment Operators
    • Mathematical Functions
    • Data Type Conversions
  6. Data Types - Text-Based Types
    • String Definition and Basic Operations
    • Escape Characters
    • Raw Strings
    • String Operators
    • String Formatting
    • String Methods
    • Bytes and Bytearray Concepts
    • Encoding and Decoding Operations
  7. Data Types - Boolean
    • Boolean Values
    • Comparison Operators
    • Logical Operators
    • Short-Circuit Evaluation
    • Chaining Comparisons
  8. Collection Data Structures - Lists
    • List Definition and Properties
    • List Operators
    • Operations with List Data
    • List Methods
    • Multidimensional Lists (Nested Lists)
  9. Collection Data Structures - Tuples
    • Tuple Definition and Properties
    • Differences Between Tuples and Lists
    • Tuple Operators
    • Tuple Methods
    • Packing and Unpacking Operations
  10. Collection Data Structures - Dictionaries
    • Dictionary Definition and Key-Value Structure
    • Dictionary Operators
    • Operations with Dictionary Data
    • Dictionary Methods
    • Multidimensional Dictionaries (Nested Dictionaries)
  11. Collection Data Structures - Sets (Set and Frozenset)
    • Set Definition and Properties
    • Differences Between Sets and Lists
    • Set Operators
    • Operations with Set Data
    • Set Methods
    • Frozenset and Immutable Set Concept
    • Use Cases for Sets
  12. Type Conversions
    • Basic Type Conversion Functions
    • Implicit and Explicit Conversion
    • Error Handling in Type Conversion
  13. Console Interaction
    • Print Function and Its Parameters
    • Receiving User Input
  14. Conditional Statements
    • If, Elif, and Else Structure
    • Short-Circuit Evaluation
    • Nested Conditions
    • Best Practices for Error Handling
    • Ternary Operator Usage
  15. Loops - While
    • Structure and Usage of While Loops
    • Break and Continue Statements
    • Infinite Loops and Control Mechanisms
    • Using Else with While
  16. Loops - For
    • Basic Structure of For Loops
    • Creating Loops with the Range Function
    • Loops Over Lists, Tuples, and Dictionaries
    • Using Else with For
  17. String Formatting
    • Old-Style Formatting (% Operator)
    • Str.format() Method
    • F-String Usage and Advantages
    • Formatting Examples and Tips
  18. Functions
    • Defining and Calling Functions
    • Parameters and Default Values
    • Mutable Parameters
    • Return Statement and Multiple Returns
    • Keyword Arguments and Args/Kwargs Usage (Packing & Unpacking)
    • Function Documentation (Docstring)
    • Function Annotations
  19. Namespace and Scope
    • Local and Global Variables
    • Scope Hierarchy (LEGB Rule)
    • globals() and locals() Key Functions
    • Modifying Variables Outside Scope
    • Global and Nonlocal Keywords
  20. Lambda Functions
    • Definition and Syntax of Lambda Functions
    • Creating Single-Line Functions
    • Usage with Map, Filter, and Reduce
  21. List Comprehensions
    • Basic Structure of List Comprehensions
    • Conditional List Comprehensions
    • Dictionary and Set Comprehensions
    • Nested List Comprehensions
  22. Object-Oriented Programming (OOP)
    • Class and Object Concepts
    • Inheritance and Multiple Inheritance
    • The self Keyword
    • Constructor Method
    • Attributes and Methods
    • Encapsulation and Access Control
    • Special Methods (Magic Methods: init, str, etc.)
    • EXTRA: The Meaning of Underscores in Python
  23. Modules and Packages
    • Defining and Importing Modules (import)
    • Standard Library Modules (math, random, etc.)
    • Package Structure and Usage
    • Subpackage Usage
    • Installing Third-Party Packages (pip)
    • Using Python Virtual Environments
  24. Exception Handling
    • Try, Except, Else, and Finally Structure
    • Defining Custom Exceptions
    • Raising Errors with Raise
  25. Iteration and Generators
    • Iteration Concept and Iterable Objects
    • Generator Functions and Yield
    • Generator Expressions
    • Performance and Advantages of Iteration
  26. Working with Files
    • Opening and Closing Files
    • Reading and Writing Files
    • Error Handling in File Operations
    • File Management with the With Statement
    • File Encoding
  27. Working with JSON, XML, and YAML
    • Introduction to JSON Format and Usage
    • Reading and Writing JSON Data (json module)
    • XML Format Basics and Parsing (xml.etree.ElementTree)
    • Introduction to YAML Format and Usage (pyyaml)
    • Comparison of Different Data Formats
    • Data Conversion and Error Handling
  28. Handling HTTP Requests
    • Introduction to HTTP Protocol and Core Concepts
    • Operations with the Requests Library
    • Using Headers and Parameters
    • Fetching and Processing Data from APIs
  29. Web Scraping
    • HTML Parsing with BeautifulSoup
    • Fetching Web Page Content with Requests
    • Processing Dynamic Pages with Selenium
    • Data Extraction and Cleaning Techniques
  30. Database Operations
    • Introduction to Database Types (SQL vs NoSQL)
    • Lightweight Database Management with SQLite
    • ORM Usage with SQLAlchemy
    • Connecting to MySQL or PostgreSQL
    • CRUD Operations (Create, Read, Update, Delete)

Purpose of the Training

The Cybersecurity Techniques with Python training is designed for individuals seeking to master offensive and defensive security skills using Python. This course explores passive and active reconnaissance, system vulnerability analysis, backdoor creation, cryptography, and defensive security practices. Participants will learn to leverage Python for real-world cybersecurity tasks, building practical tools and techniques to identify, exploit, and mitigate security risks effectively.

Prerequisites

Basic Python knowledge is required for this course.

Topic List
  1. Passive Recon
    • Collecting Business Information
    • Get Whois Records
    • Social Engineering
  2. Active Scan
    • Using Console Commands with Python
    • Subfolder and Subdomain Scan
    • Session Hijacking
    • Getting Headers, Robots.txt and Sitemap Files
    • Collecting Information from Source Code
    • Form Brute-Force Attacks
    • Port Scan
    • SQL Brute-Force Attacks
    • SQL-Injection
    • FTP Brute-Force Attacks
  3. System Research
    • File Search on A System
    • Vulnerability Test with Payloads
  4. Backdoor
    • Python Reverse Shell
    • Basic HTTP Server with Python
    • Permanent Web Backdoor
    • Linux Services and Cronjob
  5. Cryptography
    • Create User-defined Wordlist
    • Hash Cracking
    • Zip Cracking
    • Steganography
  6. Defensive Security
    • Get File Metadata
    • File Parsing
    • Online Malware Scanning with Python
    • Using SMTP with Python
    • Getting Threat Data and Implement to Firewall
    • Monitoring Web Apps and IPs
  7. Projects
    • Basic OSINT Tool
    • Firewall Integrated Web API

Purpose of the Training

The Web Programming with .NET Core training is designed for developers aiming to create modern web applications using the .NET Core framework. This course covers the fundamentals of web development, including protocols, .NET Core architecture, and key features like Razor views, controllers, and database integration. Participants will gain hands-on skills in building robust, scalable web solutions, while exploring advanced topics such as dependency injection, middleware, and design patterns for professional development.

Prerequisites

Basic C# knowledge is required for this course.

Topic List
  1. Web Protocols and Web Lifecycle
  2. Introduction to .NET Core
  3. Razor View Engine
  4. Tag Helpers
  5. Views
  6. Controllers
  7. Communications Between Controller and View
  8. Models and Model Binding
  9. Database Integration
  10. Database CRUD Operations
  11. Action Results
  12. View Components
  13. Cookie and Session Management
  14. Validations
  15. Routing
  16. Areas
  17. Filters
  18. Deployment
  19. In-Depth - How .NET Core Works?
  20. In-Depth - Dependency Injection
  21. In-Depth - Middlewares
  22. In-Depth - Project Architectures
  23. In-Depth - Design Patterns

Purpose of the Training

The Programming with C# training is designed for individuals looking to build a solid foundation in C# development. This course introduces the essentials of C# programming, from creating console applications to mastering variables, collections, control structures, and object-oriented principles. Participants will learn to write efficient, structured code and handle exceptions, preparing them for real-world software development using C#.

Prerequisites

There are no prerequisites for this training.

Topic List
  1. Introduction to C#
  2. Creating Console Applications
  3. C# Lexical Structure
  4. Variables
  5. Type Conversions
  6. Collections
  7. Operators
  8. Condition Statements
  9. Loops
  10. Functions
  11. Object Oriented Programming
  12. Exception Handling

Course details will be updated soon.

Course details will be updated soon.

Course details will be updated soon.

contact

I am currently living in Istanbul, Turkey.

You can reach me via email:
contact[at]serhatsonmez[.]net

Find me on decentralized internet with handshake domain:
https://serhatsonmez

PGP key for mail/file encryption:
download public PGP key
fingerprint: 1D701676F48129D17AA8EA40CCD8793AA1665CC7