🛡️ Scanning Isn’t a Tool. It’s a Technique. In my previous posts, I automated reconnaissance using Nmap. But this time, I challenged myself: 👉 Can I build a scanner from scratch? So I did — using only Python’s socket module. No shortcuts. 🧠 What I implemented: ✔ Manual TCP connection scanning ✔ Multi-threaded port discovery ✔ Banner grabbing for service fingerprinting ✔ Structured JSON logging ✔ Robust error handling (timeouts, unreachable hosts) And this changed how I think about security. Because now I don’t just see: “Port 80 is open” I understand: “How that connection is established” “What the service returns” “How detection could work” 🚨 Real defensive value: • Validate firewall rules • Detect unexpected services • Support incident response • Build lightweight internal scanners This is the shift: From using tools → to building them. And that’s where real blue-team capability starts. 📌 Full implementation available in my GitHub https://lnkd.in/gyZqM2Hd More defensive tooling coming soon. #CyberSecurity #BlueTeam #Python #SOC #ThreatDetection #SecurityAutomation #DefensiveEngineering

Day 92 of 100 Days Cybersecurity Challenge with Victor Akinode & The Victor Akinode Initiatives Topic: Building a Simple Port Scanner Using Python Understanding how security tools work internally is essential for building strong technical foundations. Today’s focus was on developing a basic network port scanner using Python’s socket library, highlighting the mechanics behind TCP-based scanning. Key Areas Covered: Socket-Based Connection Logic TCP Connect scanning was explored using socket.connect_ex(). This method returns system-level status codes: •0: Successful connection (open port) •Non-zero values: Closed or filtered ports This demonstrates how port scanners determine service availability at a low level. Automation and Contextual Intelligence A structured scanning approach can include: •Service Mapping: Associating open ports with common services (e.g., SSH – 22, HTTP – 80, HTTPS – 443) using dictionary-based lookups •Flexible Scanning Options: Supporting individual ports, custom port lists, or predefined common port ranges •Input Validation: Ensuring only valid IP addresses are processed to maintain script stability Handling Real-World Network Conditions Reliable tools must account for unpredictable environments: •Timeouts: Prevent the scanner from stalling on unresponsive hosts •Error Handling: Using try-except blocks to manage interruptions (e.g., manual termination) and runtime issues gracefully Key Takeaway Understanding low-level networking concepts such as TCP connections and port states provides deeper insight into how tools like Nmap operate. Building these capabilities from scratch strengthens both offensive and defensive security skills. Learn more here: https://lnkd.in/eisag2uE #CyberSecurity #Networking #PortScanning #InfoSec #Automation #CyberSecurityLearning #SecureCoding #100DaysCybersecurityChallenge

: 🎯 From Scripts to Systems Today marks a major shift in my Python journey. I moved beyond writing one-time scripts and built my first Continuous Security Terminal. Instead of the program running and immediately closing, I implemented an Infinite Menu System that stays active, processes user commands, and manages security states in real-time. What I built today: ✅ The "While True" Loop: Created a persistent environment that only closes when the "Shut Down" command is given. ✅ Multi-Feature Menu: Integrated login security, system status reports, and a graceful exit sequence. ✅ Password Strength Integration: Linked yesterday's logic to the login portal—if your password isn't "industry standard," the terminal rejects your access. ✅ The Time Module: Added time.sleep to simulate a realistic system boot and shutdown experience. Key takeaway: Coding isn't just about solving a math problem; it's about building an experience for the user. Seeing my logic loop back and wait for my next command feels like a huge win. The logic is getting deeper, and the tools are getting sharper. #Python #CyberSecurity #CodingJourney #SoftwareEngineering #VSCode #TechCommunity #BuildInPublic

Built a small OSINT-based tool using Python to extract publicly available phone numbers from websites. Focused on: Automated scanning across common endpoints Regex-based data extraction Clean and reusable structure This is part of my journey into cybersecurity and security automation. GitHub: https://lnkd.in/dFVEwhkC More improvements coming next.

Day 88 of my 100 Days Cybersecurity Journey with Victor Akinode and The Victor Akinode Initiatives Today we focused on building a strong foundation in Python, not just as a programming language, but as a tool for solving real security problems. We started with the basics, but this time with intention. Understanding variables and assignment is not just about storing data, it is about controlling how information flows within a script. In cybersecurity, that could mean handling IP addresses, parsing logs, or tracking suspicious activity. Working with data types gave us more clarity. Strings are everywhere in security, from log entries to HTTP requests. Integers help with counts, ports, and packet sizes. Lists allow grouping of data such as multiple IPs or file paths. Dictionaries are powerful because they mirror real world structures like JSON responses, headers, and configurations. We also explored operators, which are the backbone of logic. Comparison operators help in making decisions such as detecting anomalies. Logical operators allow chaining conditions together, which is critical when writing detection rules or filtering data. Using print helped us understand how scripts communicate results, while input introduced interaction. This is important when building tools that require user input like scanning targets or selecting attack parameters in controlled environments. What stood out today is that these fundamentals are not basic in the real sense. They are the building blocks of everything we will write going forward, from automation scripts to security tools. Every advanced tool started with simple concepts like these. The goal is not just to learn Python, but to think like a problem solver who can translate security challenges into code. I hope you find this informative. Join us and you will forever be glad you did. https://lnkd.in/eqQFhXVe #100DaysCybersecurityChallenge #100DaysWithVictorAkinode #100DaysWithVA #100DaysWithVAI #100DaysCybersecuritywithVA #100DaysWithVictorAkinodeInitiatives

09/90 Days Architecting a Security RAG Engine for 500+ page documents. Here’s the 2-phase blueprint: 🏗️ 𝟭. 𝗣𝗵𝗮𝘀𝗲 𝗣𝗶𝗽𝗲𝗹𝗶𝗻𝗲: Mastered Ingestion (Prep) & Inference (Answers). Strategy > Guesswork. 🛠️ 𝟮. 𝗖𝗼𝗻𝘁𝗲𝘅𝘁 𝗶𝘀 𝗞𝗶𝗻𝗴: Used "Recursive" splitting (500-1000 overlap) so the LLM never loses the plot. ✂️ 𝟯. 𝗩𝗲𝗰𝘁𝗼𝗿 𝗩𝗮𝘂𝗹𝘁: High-dimensional math (text-embedding-3-small) turns raw text into a searchable brain. 𝟰. 𝗦𝗲𝗺𝗮𝗻𝘁𝗶𝗰 𝗠𝗮𝘁𝗰𝗵𝗺𝗮𝗸𝗶𝗻𝗴: Cosine Similarity finds the needle in the haystack every single time.🔍 𝟱. 𝗛𝗮𝗹𝗹𝘂𝗰𝗶𝗻𝗮𝘁𝗶𝗼𝗻 𝗞𝗶𝗹𝗹𝗲𝗿: Augmenting prompts to ground the LLM in facts, not fiction. 🛡️ 𝟲. 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗚𝘂𝗮𝗿𝗱𝗿𝗮𝗶𝗹𝘀: Streaming responses with built-in locks. Because I have trust issues. 🚧 for more details with example #Python #GenAI #LangChain #DevSecOps #RAG #CyberSecurity #SoftwareEngineering #Architecture

Day 89 of my 100 days cybersecurity Journey with Victor Akinode and The Victor Akinode Initiatives Mastering control flow in Python is where things start to feel powerful. This is the point where your scripts stop being static and begin to make decisions, repeat actions, and behave like real security tools. Control flow simply means how your program decides what to do next. With if, elif, and else statements, you can introduce logic into your scripts. This is critical in cybersecurity because most tasks depend on conditions. For example, you may want to flag an IP address only if it appears suspicious, or trigger an alert only when a certain threshold is exceeded. Instead of manually checking logs, your script can make that decision for you in real time. Loops take things further. A for loop allows you to iterate through lists such as IP addresses, usernames, or log entries. A while loop keeps running as long as a condition remains true. This is useful for continuous monitoring, such as watching a log file for new entries or repeatedly checking if a service is up or down. Functions bring structure and clarity to your code. Instead of writing the same logic multiple times, you define it once and reuse it. In a security context, you might create a function to scan a port, validate an email, or analyze a log entry. This makes your scripts cleaner, easier to maintain, and more scalable. When you combine these concepts, you begin to see how real security tools are built. Imagine a simple scenario. A script reads a log file, loops through each entry, checks if it contains suspicious activity, and then calls a function to handle the alert. That is the foundation of automation in a Security Operations Center. This is how analysts move from manual investigation to automated detection. At this stage, you are not just learning Python. You are learning how to think like someone who builds solutions, not just uses tools. I hope you find this Informative. Join us as you keep learning and building. https://lnkd.in/eevNQZYX #100DaysCybersecurityChallenge #100DaysWithVictorAkinode #100DaysWithVA #100DaysWithVAI #100DaysCybersecuritywithVA #100DaysWithVictorAkinodeInitiatives

Server-side logs only tell half the security story. The other half lives in the wire traffic your application never reports on. I just published a walkthrough on using mitmproxy as a scriptable security regression harness. Not packet inspection for its own sake; a programmable test layer that automates what you would otherwise do manually. The Python addon I built does three things: - Flags missing security headers on every response - Detects bearer tokens leaking in query strings - Simulates a hostile network by stripping HSTS You can build the whole harness in 30 minutes on a local proxy. I also cover where it breaks down: certificate pinning, HTTP/2 multiplexing, and QUIC paths are real constraints you will hit. If you are responsible for proving your security controls actually work, not just assuming they do, this might be useful. Have you ever caught something in wire traffic that your server logs completely missed? https://lnkd.in/d2_JzW3V

#100DaysofCyberSecurity with Victor Akinode LESSON 93: Building Network Packet Sniffer with Scapy Today I worked on building a network packet sniffer using Scapy in Python. It was a deep dive into how network traffic actually moves and how we can inspect it at the packet level. I learned how Scapy can capture live packets directly from a network interface and break them down into layers like Ethernet, IP, TCP, UDP, and DNS. What stood out to me was how each packet carries structured information that can be extracted and analyzed in real time. Another key lesson was understanding how promiscuous mode works. This allows the network interface to capture all traffic, not just what is meant for the device. I also explored how raw sockets give low level access to network data, which is why administrator privileges are required. Filtering with BPF rules was also interesting. It makes packet capture efficient by allowing us to focus only on traffic we care about, such as HTTP or DNS traffic. I also saw how different protocols behave differently, like TCP being connection oriented while UDP is connectionless. This lesson made me appreciate how tools like Wireshark work behind the scenes and how much control Python can give us when working with networks. https://lnkd.in/ekNBerZH

Ever wondered how you can tell if a file has been secretly modified… even by a single byte? 🤔 That question led me to build something practical 👇 🚀 I recently developed a File Integrity Checker using Python — a tool that detects even the smallest changes in a file using cryptographic hashing. What started as a simple idea turned into a deeper learning experience. 💡 Same file → always same hash 💡 Tiny change → completely different hash 💡 That’s exactly how systems detect tampering 🔐 Features I implemented: • Generate hashes (MD5, SHA-1, SHA-256, SHA-512) • Verify file integrity using expected hash values • Compare two files instantly (with parallel processing ⚡) • Maintain a clean, readable history log • Drag & drop support for better usability ⚙️ This project helped me understand: • How hashing works in real-world security • Multithreading for performance optimization • File handling in Python • Building GUIs with Tkinter What I liked most is that this isn’t just a “project” — it’s actually useful in scenarios like data validation, cybersecurity, and detecting file corruption. 🔗 Check it out here: https://lnkd.in/g2ApCuAh Would love your feedback or suggestions! #Python #CyberSecurity #BuildInPublic #LearningByDoing #Projects #SoftwareDevelopment