Darshan Thummar’s Post

Server-side logs only tell half the security story. The other half lives in the wire traffic your application never reports on. I just published a walkthrough on using mitmproxy as a scriptable security regression harness. Not packet inspection for its own sake; a programmable test layer that automates what you would otherwise do manually. The Python addon I built does three things: - Flags missing security headers on every response - Detects bearer tokens leaking in query strings - Simulates a hostile network by stripping HSTS You can build the whole harness in 30 minutes on a local proxy. I also cover where it breaks down: certificate pinning, HTTP/2 multiplexing, and QUIC paths are real constraints you will hit. If you are responsible for proving your security controls actually work, not just assuming they do, this might be useful. Have you ever caught something in wire traffic that your server logs completely missed? https://lnkd.in/d2_JzW3V

🚨 “What If You Couldn’t Use Nmap?” No tools. No automation frameworks. Just raw network behavior. That’s exactly why I built a manual port scanner using Python sockets. After working on automated reconnaissance, I wanted to go deeper — not just run scans, but understand how scanning actually works under the hood. 🛠️ What I built: ✔ Custom TCP port scanner (no external tools) ✔ Threaded scanning for performance ✔ Banner grabbing for service identification ✔ Domain → IP resolution ✔ JSON-based structured reporting ✔ Exception handling for real-world network issues 💡 Why this matters for defenders: Most people rely on tools like Nmap. But in real environments: • Tools may be restricted • You may need lightweight agents • You need deeper visibility into behavior Understanding sockets = understanding how attackers and scanners actually interact with systems. 🔍 This enables: • Internal network mapping • Exposure validation without dependencies • Faster incident response triage • Custom defensive tooling This is where automation turns into engineering. 🔗 Code: https://lnkd.in/gpwrY2mP #CyberSecurity #BlueTeam #Python #NetworkSecurity #SOC #SecurityEngineering #DefensiveSecurity

#100DaysofCyberSecurity with Victor Akinode LESSON 93: Building Network Packet Sniffer with Scapy Today I worked on building a network packet sniffer using Scapy in Python. It was a deep dive into how network traffic actually moves and how we can inspect it at the packet level. I learned how Scapy can capture live packets directly from a network interface and break them down into layers like Ethernet, IP, TCP, UDP, and DNS. What stood out to me was how each packet carries structured information that can be extracted and analyzed in real time. Another key lesson was understanding how promiscuous mode works. This allows the network interface to capture all traffic, not just what is meant for the device. I also explored how raw sockets give low level access to network data, which is why administrator privileges are required. Filtering with BPF rules was also interesting. It makes packet capture efficient by allowing us to focus only on traffic we care about, such as HTTP or DNS traffic. I also saw how different protocols behave differently, like TCP being connection oriented while UDP is connectionless. This lesson made me appreciate how tools like Wireshark work behind the scenes and how much control Python can give us when working with networks. https://lnkd.in/ekNBerZH

Logout in AuthShield was supposed to be straightforward. User clicks logout. Token gets invalidated. Done. Except a JWT cannot be invalidated. It is a signed string. There is nothing to delete. It just keeps working until it expires. That one realization pulled on everything else. If logout needs a blacklist, access tokens need to be short-lived so the blacklist stays small. If tokens are short-lived, users cannot stay logged in without constantly re-authenticating. That means two tokens - a short-lived access token for requests, a long-lived refresh token to silently replace it. But a long-lived refresh token is a theft target. So it rotates on every use. But rotation alone does not stop an attacker who uses the token before the real user does. Token families. Every refresh token belongs to a chain tied to a single login. The moment an already-rotated token is used again, the entire chain is revoked. Attacker and real user both get logged out. Four problems. Each one hiding behind the previous one. Full breakdown with the Python implementation in the blog. Link in the comments 👇 #BackendEngineering #Python #JWT #Security #Authentication #SoftwareEngineering

🚀 Just finished building a Pentest Automation Dashboard using Python & Flask. This project simulates a real-world pentesting workflow: - Nmap scanning - Service analysis - Automated actions - Web dashboard with history One of the biggest challenges was debugging real-world issues like: timeouts, subprocess blocking, networking in virtual machines, and proxy misconfigurations. This was a great hands-on experience combining networking + automation + backend development. 🔗 GitHub: https://lnkd.in/eeJ5VSVU #python #cybersecurity #networking #flask #pentesting

🚀 Day 5/100: The Power of Loops & Automation! 🔐⚙️ Day 5 of #100DaysOfCode is complete! Today was a deep dive into "For Loops" and how they can be used to automate repetitive tasks and handle complex sequences. I built a High-Security Password Generator that: ✅ Iterates through lists using For Loops. ✅ Utilizes the 'random.shuffle' function to increase entropy. ✅ Combines strings, numbers, and symbols based on specific user requirements. Understanding loops is like unlocking a new level of strength—it’s the foundation for processing large datasets and building secure systems. 🛡️ Check out my code here: 🔗 https://lnkd.in/gE_7bZqP One step closer to mastery. Day 6 is next! ⚔️ #Python #100DaysOfCode #CyberSecurity #Automation #ForLoops #CodingChallenge #PythonProgramming

Built a small OSINT-based tool using Python to extract publicly available phone numbers from websites. Focused on: Automated scanning across common endpoints Regex-based data extraction Clean and reusable structure This is part of my journey into cybersecurity and security automation. GitHub: https://lnkd.in/dFVEwhkC More improvements coming next.

Day 92 of 100 Days Cybersecurity Challenge with Victor Akinode & The Victor Akinode Initiatives Topic: Building a Simple Port Scanner Using Python Understanding how security tools work internally is essential for building strong technical foundations. Today’s focus was on developing a basic network port scanner using Python’s socket library, highlighting the mechanics behind TCP-based scanning. Key Areas Covered: Socket-Based Connection Logic TCP Connect scanning was explored using socket.connect_ex(). This method returns system-level status codes: •0: Successful connection (open port) •Non-zero values: Closed or filtered ports This demonstrates how port scanners determine service availability at a low level. Automation and Contextual Intelligence A structured scanning approach can include: •Service Mapping: Associating open ports with common services (e.g., SSH – 22, HTTP – 80, HTTPS – 443) using dictionary-based lookups •Flexible Scanning Options: Supporting individual ports, custom port lists, or predefined common port ranges •Input Validation: Ensuring only valid IP addresses are processed to maintain script stability Handling Real-World Network Conditions Reliable tools must account for unpredictable environments: •Timeouts: Prevent the scanner from stalling on unresponsive hosts •Error Handling: Using try-except blocks to manage interruptions (e.g., manual termination) and runtime issues gracefully Key Takeaway Understanding low-level networking concepts such as TCP connections and port states provides deeper insight into how tools like Nmap operate. Building these capabilities from scratch strengthens both offensive and defensive security skills. Learn more here: https://lnkd.in/eisag2uE #CyberSecurity #Networking #PortScanning #InfoSec #Automation #CyberSecurityLearning #SecureCoding #100DaysCybersecurityChallenge

: 🎯 From Scripts to Systems Today marks a major shift in my Python journey. I moved beyond writing one-time scripts and built my first Continuous Security Terminal. Instead of the program running and immediately closing, I implemented an Infinite Menu System that stays active, processes user commands, and manages security states in real-time. What I built today: ✅ The "While True" Loop: Created a persistent environment that only closes when the "Shut Down" command is given. ✅ Multi-Feature Menu: Integrated login security, system status reports, and a graceful exit sequence. ✅ Password Strength Integration: Linked yesterday's logic to the login portal—if your password isn't "industry standard," the terminal rejects your access. ✅ The Time Module: Added time.sleep to simulate a realistic system boot and shutdown experience. Key takeaway: Coding isn't just about solving a math problem; it's about building an experience for the user. Seeing my logic loop back and wait for my next command feels like a huge win. The logic is getting deeper, and the tools are getting sharper. #Python #CyberSecurity #CodingJourney #SoftwareEngineering #VSCode #TechCommunity #BuildInPublic

FinalRecon: Boost Web Recon, 10X Faster Results FinalRecon the "Swiss Army Knife" of web reconnaissance. FinalRecon is an all-in-one Python framework that automates everything from SSL certificate analysis and WHOIS lookups to directory searching and port scanning. It’s built for the professional who needs a fast, accurate overview of a target's digital footprint without the bloat. Inside the new masterclass: ✅ 360-Degree Recon: How to use the --full flag for a complete tactical overview. ✅ Modular Intelligence: Deep dives into the Crawler, DNS Enumeration, and Traceroute modules. ✅ High-Speed Discovery: Leveraging async Python for rapid directory searching and port scanning. ✅ Export Readiness: Generating structured reports in Text, XML, or CSV for seamless handoffs. Stop executing tools. Start executing a strategy with FinalRecon. Read more: [https://lnkd.in/gqFxYTVe] #WebSecurity #FinalRecon #OSINT #BugBounty #CyberSecurity #RedTeaming #InfoSec #Pentesting #Python