Hi, I'm Serhat Sönmez
I am a Senior Solution Architect with over 11 years of experience in IT, specializing in software development, DevOps, Linux system administration, and cybersecurity.
As a Solution Architect, I have designed and implemented scalable and efficient IT systems that align with organizational objectives. My role entails analyzing business requirements, defining technical strategies, and ensuring seamless integration of solutions across diverse platforms, leveraging my comprehensive expertise to deliver measurable value.
As a software developer and team leader, I have successfully delivered numerous enterprise-level solutions for various organizations. My responsibilities encompass managing the entire software development lifecycle—from initial planning to final deployment. I have overseen critical aspects, including project architecture, database design, coding, testing, deployment, server and infrastructure management, and the implementation of CI/CD pipelines.
As a Linux system administrator, I have proficiently maintained and optimized server infrastructures to guarantee reliability, security, and optimal performance. My duties have included configuring and troubleshooting Linux environments, establishing robust backup and recovery protocols, and proactively mitigating security risks.
As an IT trainer and consultant, I have delivered in-depth training and guidance on a range of technologies, with a focus on software languages and frameworks, Linux administration, and cybersecurity practices, enabling teams to enhance their technical proficiency.
At present, I am actively engaged in strategic partnerships with organizations, providing expert consultancy and technical leadership across multifaceted projects.
Areas of Expertise
⚐ Software Development
⚐ Linux System Administration
⚐ Project Architecture Design
⚐ Software Team Leading
⚐ Cybersecurity
⚐ Project Management
⚐ DevOps and CI/CD Operations
⚐ Open-source Support
⚐ Training
⚐ Agile Methodologies
skills
- soft skills -
- Curiosity
- I'm always excited to learn about new technologies and keep up with the latest advancements in the field.
- Organizational Skills
- I'm good at staying organized and working smoothly within Agile methodologies to make projects more efficient.
- Adaptability
- I'm eager to take on new challenges and can easily adjust to different work situations, showing resilience in dynamic environments.
- Algorithmic Thinking
- I'm really good at working with algorithms and enjoy solving complex problems, which helps create effective and optimized solutions.
- Documentation Enthusiast
- I understand the importance of both reading and writing documentation, recognizing how it improves communication and project clarity.
- Problem-Solving Dedication
- I'm committed to thoroughly solving problems, making sure not to leave any issue unresolved until a suitable solution is found.
- Leadership Skills
- Capable of providing effective leadership within a team or project, guiding and motivating team members toward common goals.
- Decision-Making Ability
- Comfortable in uncertain situations, able to make quick and informed decisions to keep projects moving forward.
- technical skills -
- Software Development
- I know how to create software from start to finish, using languages like C#, Python, and .NET Core. This involves writing clean and efficient code, testing it thoroughly, and getting it ready to be used. I work well with teams to deliver high-quality software.
- Linux System Administration
- Good at handling Linux systems, making sure they run smoothly and stay secure. This includes managing user accounts, setting up system resources, keeping things secure, and fixing problems when they pop up. I focus on making sure the Linux environment is strong and dependable.
- Project Architecture
- I've got experience in designing solid project structures that can grow and work well. This includes organizing systems, choosing the right technologies, and planning how the software project will be put together. I make sure the architecture makes it easy to expand, maintain, and collaborate with other teams.
- Team Leading
- I'm good at leading software development teams. This means creating a positive team environment, giving out tasks effectively, and helping team members grow. I make sure everyone is on the same page and working towards the project's goals.
- Cybersecurity
- I specialize in keeping software secure. This involves making sure the code is written in a way that protects against cyber threats. I stay updated on the latest security trends to keep our systems safe.
- DevOps
- I'm skilled in DevOps practices, which means I focus on making collaboration between development and operations teams smoother. I automate deployment processes and optimize workflows to make sure everything runs efficiently.
software
- C#
- Python
- JavaScript
- Go
- SQL
- Bash & Shell
web
- HTML & CSS
- .NET Core
- Django
- Flask
- jQuery
- ELK Stack
system
- Linux Management
- Virtualization
- Server Security
- Network Management
- Disk Configuration
- Automation & Scripting
database
- PostgreSQL
- Microsoft SQL Server
- MongoDB
- Redis
- SQLite
- Elasticsearch
devops
- Docker
- Docker Swarm
- Kubernetes
- Jenkins
- Gitlab CI/CD
cloud
- Amazon Web Service
- Google Cloud
- Hetzner Cloud
- Cloudflare
- Digital Ocean
- Linode
architecture
- Microservice Arch.
- Serverless Arch.
- Clean Code
- SOLID
- DDD-TDD
- DRY-KISS-YAGNI
others
- Git
- Web Scraping
- Data Analysis
- Agile Methodologies
electronics
- Electronics Basics
- Microcontrollers
- Arduino
- Raspberry Pi
career
- jobs -
|
Fiverr & Upwork
Jan 2023 - Present
company website
company website |
Software Dev. & Linux SysAdmin
As a freelance, I specialize in providing solutions to address users’ server-related challenges. I offer comprehensive support to clients throughout the software development lifecycle. I also possess expertise in the installation and maintenance of numerous open-source programs, ensuring seamless functionality and ongoing system optimization.
|
|
Arenpi
Jan 2021 - Present
company website
|
Co-Founder & Software Team Lead
I'm the co-founder and the software team lead of Arenpi
Company which provides subscribe based marketplace web application for 3D
model designers.
|
|
Seccops
Dec 2018 - Present
company website
|
Project Manager & Software Team Lead
I'm working as a software team lead for many security development projects, including CyberThInt
(Cyber Threat Intelligence) at Seccops which provides cyber security
services.
|
|
Bicisim
June 2018 - Jan 2021
company website
|
Co-Founder & Software Team Lead
I was the co-founder and the software team lead of Bicisim
Company which provides dropshipping e-commerce model in 3D sector.
|
|
SmartPro Academy
Jan 2017 - Jan 2019
company website
|
Software Trainer
I was giving software lectures in there. Some of them;
|
|
Eczacıbaşı Bilişim
Oct 2017 - June 2018
company website
|
Sr. Software Developer & Security Researcher
I worked in the Cyber Security Team to develop new additions to Deffansive
Security Programs. Additionally, I used AlienVault SIEM as the primary
deffansive security tool. Moreover, there were the other security tools
which I used and developed plug-ins on them, such as; Netsparker, Nessus,
Acunetix, many OSINTs etc.
|
|
Kurumsal Ticaret
Jan 2016 - Oct 2017
company website
|
Software Developer
I worked at here as web developer. I ran a lot of projects as back-end
developer and gave software support to important companies, such as Coca
Cola Inc., Akel Lojistik, Plan Teknik etc.
|
|
Codehane & Freelance
Jan 2014 - June 2018
company website
|
Software Developer & Project Manager
Many years in my IT career, I prefer to work as a freelancer. After years of
work, I decided to set up a formation named Codehane with another freelancer
who'd had different knowledge in the IT sector.
|
- trainings & lectures -
|
2021
lecture
link
|
Python for Hackers
Türk Telekom
|
|
2021
lecture
link
|
Introduction to Programming with Python
Türk Telekom
|
|
2021
lecture
link
|
Arduino 101
Yıldız Technical University
|
|
2019
lecture
link
|
Introduction to Arduino
Yıldız Technical University
|
|
2019
lecture
link
|
Arduino Training
Akademik Bilişim
|
|
2018
lecture link
|
Developing with Python
Linux Summer Camp
|
|
2018
lecture
link
|
Introduction to Arduino
Kultur University
|
|
2018
lecture
link
|
Arduino Training
Akademik Bilişim
|
|
2017
lecture
link
|
Development and Software Security
Eczacıbaşı - MOS Turkey
|
|
2017
lecture
link
|
ASP.NET Training
SmartPro Academy
|
|
2017
lecture
link
|
Arduino Training
Akademik Bilişim
|
|
2017
lecture
link
|
Arduino Training
Yıldız Technical University
|
|
2016
lecture
link
|
ASP.NET Training
SmartPro Academy
|
|
2016
lecture
link
|
Arduino Training
Adakemik Bilişim
|
- education -
|
2018 - 2022
(Finished) |
Anadolu University
BBA, Management Information Systems
|
|
2015 - 2017
(Drop out) |
Yıldız Technical University
BE, Electronics and Communications Engieering
|
|
2014 - 2016
(Finished) |
Istanbul University
AD, Medical Imagining Techniques
|
|
2009 - 2013
(Drop out) |
Dicle University
MBBS, Medical Science
|
|
2005 - 2009
(Finished) |
Cumhuriyet Fen Lisesi
High School
|
projects
- enterprise projects -
| Alkebulan Meta 2022 - Current Alkebulan Meta is Web3 app and accessible to all consumers. |
⚐ Role: Software Developer & Linux System Admin
⚐ Project Description: AlkebulanMeta is a Web3-powered cooperative learning platform centered on STEM and the Arts, aiming to enhance personal and community development. It utilizes blockchain technology to issue an "OnWeb3-Passport," an NFT that grants users access to educational resources, community engagement, and events within its 3D metaverse environment. The platform's mission emphasizes building a vibrant educational ecosystem that integrates cultural heritage with modern technological advancements.
⚐ Responsibilities:
⚐ Technical Points:
|
| Bärwinkel & Straßer GmbH 2023 - Current This project is about server/network management and restricted to organization use only. |
⚐ Role: Linux System Admin
⚐ Project Description: For Baerwinkel Strasser, I manage server administration, deploying and maintaining essential systems through Proxmox. Key applications include a database, firewall, password manager, web server, DHCP server, and other open-source solutions. I handle all aspects of setup, maintenance, and security, ensuring these tools are configured to meet user needs. Additionally, I configured network settings and internal server connections, optimizing the infrastructure to enhance company-wide access and functionality. My work supports a secure, well-organized, and efficient server environment tailored to the company's operational requirements.
⚐ Responsibilities:
⚐ Technical Points:
|
| Arenpi 2021 - Current Arenpi is B2C app and accessible to all consumers. |
⚐ Role: Co-Founder & Software Team Lead
⚐ Project Description: Arenpi.com is a subscription-based marketplace designed for 3D model designers to showcase and monetize their work. Designers upload their models, set up subscription plans, and receive recurring payments through Stripe integration. Users can browse, preview, and subscribe to access exclusive 3D content. The platform is built with a scalable backend and frontend to support high traffic, using Docker containerization and AWS infrastructure for reliable performance and data security.
⚐ Responsibilities:
⚐ Technical Points:
|
| Cyber Threat Intelligence Program 2019 - Current Cyberthint is B2B app and restricted to business use only. |
⚐ Role: Software Team Lead
⚐ Project Description: Cyberthint is a unified cyber threat intelligence platform that helps businesses identify, monitor, and mitigate digital risks. It combines Cyber Threat Intelligence (CTI) and Digital Risk Protection (DRP) to detect brand impersonation, data leaks, and exposed attack surfaces. The platform leverages AI to provide threat feeds, monitors for data breaches, and integrates seamlessly with security tools. Users also benefit from real-time alerts and expert analyst support to proactively manage threats.
⚐ Responsibilities:
⚐ Technical Points:
|
| Bicisim 2018 - 2021 Bicisim is inactive at the moment and not being developed. |
⚐ Role: Co-Founder & Software Team Lead
⚐ Project Description: Bicisim is a professional 3D production network that offers on-demand part manufacturing using advanced printing technologies like FDM, SLA, and MJF. Users can upload their STL files to receive instant pricing through a fast pricing engine and proceed with production within minutes. The platform ensures quality by collaborating with a network of over 30+ production partners, offering confidentiality agreements and expert support to verify model suitability for 3D printing. Bicisim caters to various industries, providing quick and reliable manufacturing solutions.
⚐ Responsibilities:
⚐ Technical Points:
|
| Sima CRM 2018 - 2019 This application is not accessible from outside the organization. |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: "Sima CRM" is a comprehensive CRM for Sima Cephe Co. to enhance client relationship management and streamline project workflows. The system features lead tracking, task assignments, and communication tools, allowing team members to collaborate effectively. It integrates customer data and project timelines, facilitating better decision-making and improved service delivery. The CRM is built on modern web technologies, ensuring accessibility and user-friendliness, which enhances overall operational efficiency. This tailored solution supports Sima Cephe in managing client interactions more effectively.
⚐ Responsibilities:
⚐ Technical Points:
|
| Healtcare Tender Tracker 2016 - 2017 This application is not accessible from outside the organization. |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Healtcare Tender Tracker is a web application designed for health sector companies to track planned or received tenders, streamline product tracking, and automate due date calculations. Users can manage regular expenses like purchasing costs and personnel salaries, generate detailed reports, and receive these reports automatically via email. The app also facilitates depreciation calculations, helping businesses maintain accurate financial records. By enhancing operational efficiency, this tool empowers health sector organizations to make informed decisions and optimize their resources effectively.
⚐ Responsibilities:
⚐ Technical Points:
|
|
Polat Fleet Tracker
2017
This application is not accessible from outside the organization.
Company Website |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Polat Teknik specializes in cooling solutions, providing equipment like coolers and refrigerators to retail and commercial vendors. The application developed for Polat Teknik enables seamless tracking of these cooling units from dispatch to delivery. Each product's QR code is scanned upon vehicle loading, updating the system in real time. Delivery personnel then upload photos to confirm receipt at the destination. The platform also manages employee oversight, allowing for task assignments and ensuring accountability. This comprehensive tracking optimizes delivery verification and operational efficiency.
⚐ Responsibilities:
⚐ Technical Points:
|
| Kisaltt 2017 Kisaltt is inactive at the moment and not being developed. |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Kisaltt is a URL shortening service that allows users to create short, ad-free links from longer URLs. Users simply input their desired URL, and the platform generates a compact link that redirects to the original address. The service emphasizes minimalism and user-friendliness, providing a straightforward way to share links efficiently without advertising clutter.
⚐ Responsibilities:
⚐ Technical Points:
|
|
Logistics Insight Platform
2016 - 2017
This application is not accessible from outside the organization.
Company Website |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Logistics Insight Platform is designed for a logistics company to monitor and report on their fleet of vehicles. With integrated GPS tracking, users can view the real-time location of all vehicles on a map, gaining insights into their routes and destinations. The app also allows QR code scanning of loaded products, enabling detailed tracking of which items are assigned to each vehicle. This versatile solution enhances operational efficiency and improves logistical management, accessible from both web and mobile platforms.
⚐ Responsibilities:
⚐ Technical Points:
|
|
Ustabulur
2016
Ustabulur is inactive at the moment and not being developed.
Project Archive Page |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: UstaBulur is a marketplace application that connects customers with local service providers across various categories, such as cleaning, repairs, and event planning. Users can request services by specifying their needs, and providers can respond with offers. The platform facilitates communication, allowing users to compare prices and reviews before making a decision. UstaBulur aims to simplify the process of finding reliable services while enabling providers to reach a wider audience.
⚐ Responsibilities:
⚐ Technical Points:
|
|
Rulomatik
2016
Rulomatik is B2C app and accessible to all consumers.
rulomatik.com |
⚐ Role: Full-Stack Software Developer
⚐ Project Description: Rulomatik provides vending machines for car drying towels and similar products, typically placed in car washes and gas stations. The machines are designed to vend hygienic towels for drying vehicles, enhancing customer convenience. Users can purchase towels directly from the vending machine, which is easy to operate and helps maintain clean, reusable drying materials.
⚐ Responsibilities:
⚐ Technical Points:
|
- github projects -
| Docker Version Parser |
⚐ Project Description: The Docker Version Parser project provides a tool to parse and manage Docker version tags, allowing users to handle and organize Docker image versions efficiently. It simplifies the task of extracting and categorizing Docker image versions, making it easier to track updates, manage dependencies, and maintain version consistency across Docker environments.
⚐ Technical Points:
|
| Rabbitgram |
⚐ Project Description: Rabbitgram is a fast Instagram scraper that allows users to gather account information and download media (photos/videos) from Instagram accounts. The project requires Python and can be run from the command line with various parameters for scraping account data, such as follower counts, posts, and media. Users can also run Rabbitgram in a Docker container for easier setup and execution.
⚐ Technical Points:
|
| Raccoon |
⚐ Project Description: The Raccoon project is a Python-based web scrapping tool for downloading entire HTML pages, including CSS, JavaScript, images, and fonts, making it ideal for saving single-page HTML themes. Users specify the page URL and can define the output file name and directory for saved assets.
⚐ Technical Points:
|
|
Password Generator (Chrome Extension) |
⚐ Project Description: The Password Generator Extension is a Chrome extension that allows users to generate random passwords of specified lengths and character sets. Users can customize the generated strings by selecting options like uppercase, lowercase, numeric, and special characters. Once configured, the extension generates the desired string, which can be easily copied to the clipboard for use in various applications. This tool is particularly useful for creating secure passwords or unique identifiers quickly.
⚐ Technical Points:
|
|
Covid-19 Statistics (Chrome Extension) |
⚐ Project Description: The COVID-19 Statistics Extension is a browser extension that provides users with real-time COVID-19 statistics directly in their browser. It retrieves up-to-date data on cases, recoveries, and deaths from reliable sources and displays them in an accessible format. Users can view global statistics or filter by country to monitor specific regions. This tool is designed for quick access to COVID-19 data without leaving the browser.
⚐ Technical Points:
|
| Tardigrade |
⚐ Project Description: The Tardigrade project is a Python script designed for URL crawling and subdomain discovery. It enables users to find subdomains related to a specific domain and gather their IP addresses. The script can be run directly or via Docker, with options for verbose output and saving results to a JSON file.
⚐ Technical Points:
|
| Cura Engine Env |
⚐ Project Description: The Cura Engine Env project provides a Docker-based environment for running the CuraEngine, a slicing software used for 3D printing. It includes necessary dependencies such as Protobuf and libArcus. Users can either pull the image from Docker Hub or build it from the provided Dockerfile. The repository includes instructions for running the CuraEngine for slicing 3D models, and default printer settings are included in a designated folder.
⚐ Technical Points:
|
|
Clockify Widget (Notion Extension) |
⚐ Project Description: The Clockify Widget project for Notion integrates Clockify’s time-tracking capabilities into Notion pages, allowing users to monitor and manage their time directly within the Notion workspace. With this widget, users can view time entries and track project durations without switching applications, making it easier to manage productivity and keep a real-time record of their work hours in Clockify.
⚐ Technical Points:
|
| Coin Status |
⚐ Project Description: The Coins Status project is a real-time cryptocurrency tracking tool that displays live data on various coins. The application retrieves information such as current prices, percentage changes, and market trends, giving users an overview of the market in one place. This tool is useful for crypto enthusiasts and investors looking to monitor coin statuses conveniently.
⚐ Technical Points:
|
courses
#_
I offer comprehensive training programs in web infrastructure, programming, cybersecurity, and system administration, utilizing languages and frameworks such as Python, C#, .NET Core, and Linux. These courses are designed to provide in-depth technical knowledge and practical skills, reflecting my expertise in delivering structured, hands-on education for professionals and enthusiasts in the technology field.
Purpose of the Training:
The Fundamentals of Web Infrastructure training is designed for IT professionals and web developers who wish to gain a deep understanding of the core mechanisms of the internet and web technologies. This training covers a broad spectrum, from the network infrastructure that powers the web to protocols, encryption mechanisms, and modern development processes. By focusing on the technical concepts of web infrastructure and how systems operate, it provides participants with the theoretical knowledge that forms the backbone of web-based systems. Starting from the fundamental principles of the internet and extending to modern web trends, this journey equips participants with both infrastructural and operational perspectives.
Prerequisites:
There are no prerequisites for this training.
Topic List
- Introduction to Internet Fundamentals
- What is the Internet and How Does it Work?
- What is the Web?
- History and Evolution of the Internet and Web
- Physical Infrastructure of the Internet
- Protocols and Their Importance
- Who Determines Protocols?
- Compliance of Browsers and Applications with Protocols
- Core Concepts of the Internet
- IP (Internet Protocol) and IP Address
- IPv4 - IPv6
- Private and Public IPv4
- IP Range
- IP Subnet and CIDR (Classless Inter-Domain Routing)
- Port
- Gateway
- ARP (Address Resolution Protocol)
- DHCP (Dynamic Host Configuration Protocol)
- MAC (Media Access Control) Address
- WAN (Wide Area Network)
- LAN (Local Area Network)
- NAT (Network Address Translation)
- Network Infrastructure and Communication Basics
- OSI Model
- TCP/IP Model
- Differences Between UDP and TCP
- TCP Segment Structure
- TCP 3-Way Handshake (SYN, SYN-ACK, ACK)
- What are TLS and SSL?
- TLS/SSL Handshake
- Validation Process of SSL/TLS Certificates
- Packet Analysis with Wireshark and tcpdump
- Network Management and Diagnostic Tools
- NAT and IP Management (Private, Public)
- Network Interfaces
- Types of Firewalls
- Firewall Types Based on Operational Levels
- Firewall Types Based on Architecture
- Specialized Firewall Types Based on Purpose
- Ping and ICMP
- DNS Query Analysis with Host
- DNS Query Analysis with Dig
- Route Tracing with Traceroute/Tracert
- Network and Port Scanning with Nmap
- Listing Open Ports with Netstat
- TCP/UDP Connection Testing with Telnet and Netcat
- Network Performance Analysis with iPerf
- Cryptography and Encryption Mechanisms
- Hashing
- Symmetric Encryption
- Asymmetric Encryption
- RSA and Diffie-Hellman Algorithms
- Hybrid Encryption
- Differences Between Encryption and Signing
- OpenPGP Protocol and GPG
- Cryptography in Web Security
- Use Cases of Asymmetric Encryption
- Use Cases of Symmetric Encryption
- Use Cases of Hash Functions
- Use of Algorithms in TLS/SSL Handshake Process
- Cipher Suite (Encryption Package)
- HTTP/3 and TLS 1.3
- DNS (Domain Name System)
- How DNS Works
- Recursive DNS Resolver and Authoritative DNS Server
- DNS Resolution Process and Local Caching
- DNS Record Types
- Reverse DNS (Reverse DNS) and PTR Records
- Audit Blocking, Restriction, and Redirection via DNS
- DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT)
- Public DNS Services
- DNS Security
- How DNSSEC Works
- Chain of Trust
- DNSSEC Record Types
- Cache Poisoning
- DNS Load Balancing and Traffic Routing
- DNS Load Balancing
- DNS Traffic Routing
- Advantages of DNS Load Balancing and Traffic Routing
- DNS Load Balancing and Traffic Routing Algorithms
- VPN and Proxy Mechanisms
- Definition and Core Principles of VPN
- VPN Use Cases on the Web
- Common VPN Protocols and Mechanisms
- PPTP (Point-to-Point Tunneling Protocol)
- L2TP/IPSec (Layer 2 Tunneling Protocol over IP Security)
- OpenVPN
- WireGuard
- SSTP (Secure Socket Tunneling Protocol)
- VPN Network Topologies
- Point-to-Point
- Site-to-Site VPN
- Hub-and-Spoke
- Mesh Network
- SSH Tunneling vs VPN Comparison
- What is a Proxy and Its Core Principles
- Comparison of VPN and Proxy
- Proxy Types and Their Use Cases on the Web
- Forward Proxy
- Reverse Proxy
- Transparent Proxy
- SOCKS Proxy
- Proxy and HTTPS: Traffic Handling Mechanisms
- Passthrough
- Interception (SSL Inspection)
- Tunneling
- Performance Impacts of VPN and Proxy in Web Infrastructure
- Anonymity with the Tor Network
- Fundamentals of the HTTP Protocol
- HTTP Definition and Client-Server Architecture
- What is HTTP?
- What is Client-Server Architecture?
- Role of HTTP in Client-Server Architecture
- Evolution of HTTP: HTTP/1.1, HTTP/2, and HTTP/3
- URL Structure and Components
- HTTP Debugging and Analysis Tools
- cURL (Client URL)
- Telnet
- ncat
- Postman
- Browser Developer Console
- Burp Suite
- Wireshark and tcpdump
- Raw Request and Raw Response Packets
- HTTP Methods and Use Cases
- HTTP Status Codes and Their Meanings
- HTTP Headers and Their Functions
- HTTP Body and Encoding Basics
- Which Methods Use a Body?
- Body Types and Formats
- Character Encoding
- Transfer Encoding
- URL Encoding (Special Case)
- Cookies and Session Management
- HTTP Caching Mechanisms
- Types of Caching
- Caching Headers and Their Functions
- Caching Process
- HTTP Definition and Client-Server Architecture
- Modern Web Development: Architectures, APIs, and Processes
- Basics of Web Development and the Role of APIs
- API Types and Design Approaches
- REST (Representational State Transfer)
- GraphQL
- SOAP (Simple Object Access Protocol)
- gRPC
- Webhooks
- Web Architectures: Monolithic, Microservices, and Serverless
- Communication and Data Formats in Web Applications
- JSON, XML, HTML, Protobuf
- HTTP
- WebSockets
- Message Queues
- Event-Driven Approaches
- Long Polling
- HTTP/2 Server Push
- gRPC Streaming
- SignalR
- RSocket
- Use of Communication Methods in Microservice Architecture
- Version Control
- DevOps and Deployment Strategies
- Modern Web Trends
- Jamstack: Static Sites and API Integration
- No-Code Approaches
- Edge Computing: API Usage at the Edge
- Progressive Web Applications (PWA)
- Single Page Applications (SPA)
- WebAssembly (Wasm)
- Web3: Decentralized Applications and APIs with Blockchain
- Web Management and Performance Enhancement Techniques
- Management and Optimization of Web Servers
- Server Operation Methods
- Multi-Request Handling Techniques
- Direct Serving of Static Files
- Performance Optimization Techniques for Web Servers
- Reverse Proxy: Definition and Use Cases
- Performance Impacts of Modern HTTP Protocols
- Web Data Compression Methods
- Gzip (GNU Zip)
- Brotli
- WebP (Image Compression)
- Performance Effects of Compression
- Browser Support
- Web Scaling Strategies
- Fundamentals of Distributed Systems on the Web
- Basics of Distributed Systems
- Fault Tolerance in Distributed Systems
- Single Point of Failure
- Scalability and Flexibility
- Data Distribution and Consistency
- Coordination and Synchronization
- CAP Theorem and BASE Consistency Model
- Data Management in Distributed Systems
- Managing User Data in Distributed Systems
- Session Management in Distributed Systems
- Database Scaling and Management in Distributed Systems
- Consistency and Synchronization
- Web Traffic Management and Load Balancing
- Load Balancing in Web Requests
- Load Balancing Algorithms
- Traffic Routing Strategies
- Traffic Queue Management and Rate Limiting
- Stateless and Stateful Approaches in Web Traffic
- Caching Mechanisms and CDN (Content Delivery Network) Usage
- Logging and Monitoring Mechanisms
- Management and Optimization of Web Servers
- Security in Web Infrastructure
- Secure Communication and Network Security
- HTTPS and Secure Communication
- HSTS (HTTP Strict Transport Security) and Details
- SSL/TLS Configuration and Optimization
- Man-in-the-Middle (MITM) Attacks and Mitigations
- Firewall and Web Application Firewall (WAF) Usage
- IP Whitelisting and Blacklisting
- Web Server Security
- Critical Paths and Access Control
- Traffic Management and Protection
- Security Headers and Content Security Policy (CSP)
- Web Server Hardening
- Additional Security Measures
- Web Application Security
- Cross-Site Scripting (XSS) and Mitigations
- SQL Injection and Protection Methods
- Insecure Direct Object References (IDOR)
- File Upload Security
- Server-Side Request Forgery (SSRF)
- Security Misconfiguration
- Sensitive Data Exposure
- Insufficient Logging and Monitoring
- Combating and Bypassing Web Scraping Techniques
- Session and User Security
- Session Hijacking
- Session Fixation
- Cross-Site Request Forgery (CSRF)
- Clickjacking
- Broken Authentication
- API Security
- Broken Object Level Authorization (BOLA)
- Broken Authentication
- Excessive Data Exposure
- Injection Attacks (API-Focused)
- DDoS Attacks (Distributed Denial of Service Attacks)
- Security Testing and Analysis
- Core Approaches to Security Testing
- Security Testing Methodologies and Standards
- Post-Attack Analysis and Forensics
- Comprehensive Elements of Security Testing and Analysis
- Tools and Technologies
- Risk Management in Web Security
- Modern Web Security Standards and Approaches
- OWASP (Open Web Application Security Project)
- CVE (Common Vulnerabilities and Exposures)
- CVSS (Common Vulnerability Scoring System)
- ISO/IEC 27001
- DevSecOps
- Zero Trust Security Model
- Bug Bounty Programs
- Future Trends
- Secure Communication and Network Security
Purpose of the Training
The Linux System Administration training is designed for individuals aiming to master the essentials of managing Linux systems. This course covers foundational skills such as shell usage, file and user management, and advanced topics like network configuration, process monitoring, and shell programming. Participants will gain practical knowledge to efficiently administer Linux environments, ensuring system performance, security, and automation.
Prerequisites
There are no prerequisites for this training.
Topic List
- Introduction
- Shell and Basic Commands
- Linux Directory Structure
- Shell Usage
- Advanced Shell Operations
- Text Editors
- User and Group Management
- File Permissions and Ownership
- Running Commands as Another User
- HTTP Requests and Download Files
- Compressing Files and Directories
- Package Management
- Process Management
- Disk Management
- Linux Services
- Network Management
- Scheduled Tasks on Linux
- Shell Programming
Purpose of the Training
The Programming with Python training is designed for beginners and those looking to acquire software development skills using Python. It covers a wide range, from Python’s core concepts to object-oriented programming, web scraping, and database operations. The training equips participants with theoretical knowledge and practical skills through Python’s simple syntax, providing a strong foundation for their software development journey.
Prerequisites
There are no prerequisites for this training.
Topic List
- Introduction to Programming with Python
- History and Overview of Python
- Advantages and Use Cases of Python
- Python Installation and Development Environments
- First Python Program: "Hello World"
- Python Syntax and Language Structure
- Variables and Variable Declaration
- Variable Naming Rules
- Code Indentation
- Comments
- Basic Syntax Rules (PEPs and PEP-8)
- Reserved Keywords in Python
- Print Function
- EXTRA: Python Lexical Structure
- Data Types and Structures - Introduction
- Overview of Data Types
- Variable Assignment and Dynamic Typing
- Introduction to Type Checking and Conversion
- Memory Usage in Python
- Everything is "First Class"
- Mutable vs. Immutable Objects
- Python Referencing Background
- Memory Optimization in Python Implementation
- Caching Small Integer Values
- String Interning
- Data Types - Numeric Types
- Integers and Their Properties
- Floats and Precision
- Arithmetic and Assignment Operators
- Mathematical Functions
- Data Type Conversions
- Data Types - Text-Based Types
- String Definition and Basic Operations
- Escape Characters
- Raw Strings
- String Operators
- String Formatting
- String Methods
- Bytes and Bytearray Concepts
- Encoding and Decoding Operations
- Data Types - Boolean
- Boolean Values
- Comparison Operators
- Logical Operators
- Short-Circuit Evaluation
- Chaining Comparisons
- Collection Data Structures - Lists
- List Definition and Properties
- List Operators
- Operations with List Data
- List Methods
- Multidimensional Lists (Nested Lists)
- Collection Data Structures - Tuples
- Tuple Definition and Properties
- Differences Between Tuples and Lists
- Tuple Operators
- Tuple Methods
- Packing and Unpacking Operations
- Collection Data Structures - Dictionaries
- Dictionary Definition and Key-Value Structure
- Dictionary Operators
- Operations with Dictionary Data
- Dictionary Methods
- Multidimensional Dictionaries (Nested Dictionaries)
- Collection Data Structures - Sets (Set and Frozenset)
- Set Definition and Properties
- Differences Between Sets and Lists
- Set Operators
- Operations with Set Data
- Set Methods
- Frozenset and Immutable Set Concept
- Use Cases for Sets
- Type Conversions
- Basic Type Conversion Functions
- Implicit and Explicit Conversion
- Error Handling in Type Conversion
- Console Interaction
- Print Function and Its Parameters
- Receiving User Input
- Conditional Statements
- If, Elif, and Else Structure
- Short-Circuit Evaluation
- Nested Conditions
- Best Practices for Error Handling
- Ternary Operator Usage
- Loops - While
- Structure and Usage of While Loops
- Break and Continue Statements
- Infinite Loops and Control Mechanisms
- Using Else with While
- Loops - For
- Basic Structure of For Loops
- Creating Loops with the Range Function
- Loops Over Lists, Tuples, and Dictionaries
- Using Else with For
- String Formatting
- Old-Style Formatting (% Operator)
- Str.format() Method
- F-String Usage and Advantages
- Formatting Examples and Tips
- Functions
- Defining and Calling Functions
- Parameters and Default Values
- Mutable Parameters
- Return Statement and Multiple Returns
- Keyword Arguments and Args/Kwargs Usage (Packing & Unpacking)
- Function Documentation (Docstring)
- Function Annotations
- Namespace and Scope
- Local and Global Variables
- Scope Hierarchy (LEGB Rule)
- globals() and locals() Key Functions
- Modifying Variables Outside Scope
- Global and Nonlocal Keywords
- Lambda Functions
- Definition and Syntax of Lambda Functions
- Creating Single-Line Functions
- Usage with Map, Filter, and Reduce
- List Comprehensions
- Basic Structure of List Comprehensions
- Conditional List Comprehensions
- Dictionary and Set Comprehensions
- Nested List Comprehensions
- Object-Oriented Programming (OOP)
- Class and Object Concepts
- Inheritance and Multiple Inheritance
- The self Keyword
- Constructor Method
- Attributes and Methods
- Encapsulation and Access Control
- Special Methods (Magic Methods: init, str, etc.)
- EXTRA: The Meaning of Underscores in Python
- Modules and Packages
- Defining and Importing Modules (import)
- Standard Library Modules (math, random, etc.)
- Package Structure and Usage
- Subpackage Usage
- Installing Third-Party Packages (pip)
- Using Python Virtual Environments
- Exception Handling
- Try, Except, Else, and Finally Structure
- Defining Custom Exceptions
- Raising Errors with Raise
- Iteration and Generators
- Iteration Concept and Iterable Objects
- Generator Functions and Yield
- Generator Expressions
- Performance and Advantages of Iteration
- Working with Files
- Opening and Closing Files
- Reading and Writing Files
- Error Handling in File Operations
- File Management with the With Statement
- File Encoding
- Working with JSON, XML, and YAML
- Introduction to JSON Format and Usage
- Reading and Writing JSON Data (json module)
- XML Format Basics and Parsing (xml.etree.ElementTree)
- Introduction to YAML Format and Usage (pyyaml)
- Comparison of Different Data Formats
- Data Conversion and Error Handling
- Handling HTTP Requests
- Introduction to HTTP Protocol and Core Concepts
- Operations with the Requests Library
- Using Headers and Parameters
- Fetching and Processing Data from APIs
- Web Scraping
- HTML Parsing with BeautifulSoup
- Fetching Web Page Content with Requests
- Processing Dynamic Pages with Selenium
- Data Extraction and Cleaning Techniques
- Database Operations
- Introduction to Database Types (SQL vs NoSQL)
- Lightweight Database Management with SQLite
- ORM Usage with SQLAlchemy
- Connecting to MySQL or PostgreSQL
- CRUD Operations (Create, Read, Update, Delete)
Purpose of the Training
The Cybersecurity Techniques with Python training is designed for individuals seeking to master offensive and defensive security skills using Python. This course explores passive and active reconnaissance, system vulnerability analysis, backdoor creation, cryptography, and defensive security practices. Participants will learn to leverage Python for real-world cybersecurity tasks, building practical tools and techniques to identify, exploit, and mitigate security risks effectively.
Prerequisites
Basic Python knowledge is required for this course.
Topic List
- Passive Recon
- Collecting Business Information
- Get Whois Records
- Social Engineering
- Active Scan
- Using Console Commands with Python
- Subfolder and Subdomain Scan
- Session Hijacking
- Getting Headers, Robots.txt and Sitemap Files
- Collecting Information from Source Code
- Form Brute-Force Attacks
- Port Scan
- SQL Brute-Force Attacks
- SQL-Injection
- FTP Brute-Force Attacks
- System Research
- File Search on A System
- Vulnerability Test with Payloads
- Backdoor
- Python Reverse Shell
- Basic HTTP Server with Python
- Permanent Web Backdoor
- Linux Services and Cronjob
- Cryptography
- Create User-defined Wordlist
- Hash Cracking
- Zip Cracking
- Steganography
- Defensive Security
- Get File Metadata
- File Parsing
- Online Malware Scanning with Python
- Using SMTP with Python
- Getting Threat Data and Implement to Firewall
- Monitoring Web Apps and IPs
- Projects
- Basic OSINT Tool
- Firewall Integrated Web API
Purpose of the Training
The Web Programming with .NET Core training is designed for developers aiming to create modern web applications using the .NET Core framework. This course covers the fundamentals of web development, including protocols, .NET Core architecture, and key features like Razor views, controllers, and database integration. Participants will gain hands-on skills in building robust, scalable web solutions, while exploring advanced topics such as dependency injection, middleware, and design patterns for professional development.
Prerequisites
Basic C# knowledge is required for this course.
Topic List
- Web Protocols and Web Lifecycle
- Introduction to .NET Core
- Razor View Engine
- Tag Helpers
- Views
- Controllers
- Communications Between Controller and View
- Models and Model Binding
- Database Integration
- Database CRUD Operations
- Action Results
- View Components
- Cookie and Session Management
- Validations
- Routing
- Areas
- Filters
- Deployment
- In-Depth - How .NET Core Works?
- In-Depth - Dependency Injection
- In-Depth - Middlewares
- In-Depth - Project Architectures
- In-Depth - Design Patterns
Purpose of the Training
The Programming with C# training is designed for individuals looking to build a solid foundation in C# development. This course introduces the essentials of C# programming, from creating console applications to mastering variables, collections, control structures, and object-oriented principles. Participants will learn to write efficient, structured code and handle exceptions, preparing them for real-world software development using C#.
Prerequisites
There are no prerequisites for this training.
Topic List
- Introduction to C#
- Creating Console Applications
- C# Lexical Structure
- Variables
- Type Conversions
- Collections
- Operators
- Condition Statements
- Loops
- Functions
- Object Oriented Programming
- Exception Handling
Course details will be updated soon.
Course details will be updated soon.
Course details will be updated soon.
blog
- blog posts -
All my blogs are on my
personal blog page and my Medium account.
- lecture notes -
| software | (tr) python ile programlama |
| software | (tr) web programming with ASP.NET Core |
| software | (tr) web programming with ASP.NET Framework |
| software | (tr) destop programmming with C# |
| software | (tr) introduction to programming with C# |
| electronics | (tr) introduction to electronics with Arduino |
contact
I am currently living in Istanbul, Turkey.
You can reach me via email:
contact[at]serhatsonmez[.]net
Find me on decentralized internet with handshake domain:
https://serhatsonmez
PGP key for mail/file encryption:
download public PGP key
fingerprint: 1D701676F48129D17AA8EA40CCD8793AA1665CC7
You can reach me via email:
contact[at]serhatsonmez[.]net
Find me on decentralized internet with handshake domain:
https://serhatsonmez
PGP key for mail/file encryption:
download public PGP key
fingerprint: 1D701676F48129D17AA8EA40CCD8793AA1665CC7