My name is Kritistha Khatiwada, and I am a 15-year-old cybersecurity student deeply immersed in learning and
mastering ethical hacking. I am dedicated to understanding how to secure systems and networks in today's
ever-evolving digital landscape.
I primarily use Kali Linux, a powerful operating system designed for penetration testing and ethical hacking.
You can learn more about it at kali.org.
Tools I Use in Kali Linux
Bettercap: A versatile tool used for network attacks and monitoring, including
Man-in-the-Middle (MITM) attacks, packet sniffing, and spoofing.
Nmap: A network scanning tool used for discovering hosts, services, and open ports on a
network. It's essential for network reconnaissance and security auditing.
Shodan: A search engine for finding connected devices across the internet, widely used
for identifying vulnerable systems.
The Harvester: A tool for gathering information about a target, such as email
addresses, subdomains, and usernames, from public sources.
Nikto: A web server vulnerability scanner that helps identify security issues, outdated
software, and misconfigurations.
Sherlock: A tool for locating usernames across various social media platforms, aiding
in digital footprint analysis.
Wifite: A tool for automating Wi-Fi network attacks, such as cracking passwords and
capturing packets.
Wireshark: A network protocol analyzer used for monitoring and troubleshooting network
traffic in real-time.
PyPhisher: A Python-based tool for phishing simulations to test social engineering
attacks.
OWASP ZAP: A powerful tool for web application security testing, used for identifying
vulnerabilities like SQL injection, XSS, and more.
Truecaller JS: A tool for extracting information such as names, regions, and spam
status of phone numbers using the Truecaller API.
Skills in Cybersecurity
I have hands-on experience with several key techniques in ethical hacking, such as:
Directory Enumeration: Identifying directories and files on a server, crucial for
penetration testing.
SQL Injection: Exploiting vulnerabilities in web applications to interact with backend
databases in unintended ways.
DDoS and DoS Attacks: Understanding Distributed Denial of Service (DDoS) and Denial of
Service (DoS) attacks to recognize and mitigate these threats.
Cross-Site Scripting (XSS): Identifying and exploiting vulnerabilities in web
applications to inject malicious scripts.
Account hacking for Legal Purpose under extreme condition:
I have expertise in understanding account security vulnerabilities across platforms like Facebook,
Instagram, Gmail, and gaming accounts. I can identify weaknesses in authentication methods, such as
password security or phishing susceptibility, and offer strategies to strengthen account protection.
For those unfamiliar with these concepts, they are critical in identifying and securing vulnerabilities that
hackers could exploit. Ethical hackers use these techniques responsibly to strengthen cybersecurity.
Additional Skills
Beyond cybersecurity, I am proficient in Python programming and have experience in creating websites using
modern tools and technologies.
Contact
For inquiries or collaborations, feel free to reach out to me at