Ifeoluwa Adegbite

Day 5 - Web UI done. Flask + vanilla JS. No framework needed. 30+ findings is noise without structure. Severity cards, per-module breakdown, risk score ranking, now you can triage in seconds. DNS, SSL, and port scanning modules tomorrow. #BuildInPublic #Flask #CyberSecurity

@irachoudhry That's exactly the reason for building it from scratch. You can't really internalize why time-based detection exists until you've hit a backend that swallows every error-based payload cleanly and returns 200 regardless.

the fact that you're distinguishing between payload types on day 3 is solid. most people skip straight to automated tools without understanding why different techniques matter for different backends. building a scanner from scratch is one of the best ways to actually internalize this stuff — keep going

Day 3 - SQLi module done. Error-based, tautology, and time-based payloads aren't interchangeable, they catch different backends. XSS tomorrow. #BuildInPublic #CyberSecurity #SQLInjection

Day 4 - XSS + header analysis done. Reflected XSS: raw response, not rendered DOM. Payload variety matters, different payloads catch different sanitization gaps. Missing headers are findings. Weak configs are also findings, unsafe-inline in CSP is worse than no CSP. #XSS

@thekidcentury Congrats bro

End of an Era. Nysc Done and dusted. Onto the next phase of life. Now searching for employment opportunities in the design and tech space Please employ me.

@LessonsFromProd Exactly. Reading about SQL injection and actually building detection logic for it are two different things. The edge cases you only find by doing it.

that's a solid learning project. building something real forces you to understand the exploits deeply — way more than reading about them. The documentation habit will pay off too. When you hit something confusing in month two, past you will have your back. Ship the janky version first, refine as you go.

Starting a new project today. Building a web vulnerability scanner from scratch in Python as a student into cybersecurity. SQL injection. XSS. Misconfigured headers. The works. Documenting every step here. Day 1. Let's go. #BuildInPublic #CyberSecurity #Python

Day 2 - Architecture before code. Three layers: core engine, dispatcher, aggregator/reporter. Shared schema: module, severity, title, description, evidence. That contract makes everything composable. All 15 modules run concurrently. Unglamorous. Necessary. #Python #CyberSecurity

@thekidcentury Really nice work!

Illustrations for a Pitch Deck, 2025 This is my work. I did this.