Uchechukwu Odoemelam
Software engineer exploring the broad computer science field, with a growing concentration in network and cybersecurity.
Below is a collection of small, tested cybersecurity tools I've built — each pairs a demo vulnerable server with a scanner that detects the issue and confirms the fix.
XSS Reflection Scanner
Built an XSS reflection scanner with an Express demo server exposing three endpoints at different security levels (raw, HTML-escaped, CSP-protected). All 16 node:test tests passed, covering true positives, false positives, output format, and edge cases.
Port Scanner with Service Fingerprinting
Built a parallel TCP port scanner that fingerprints services via banner analysis (HTTP response headers, SMTP 220 greeting, echo reflection). Demo server exposes HTTP, TCP echo, and fake SMTP on consecutive ports. All 22 node:test tests passed on first run.
SQL Injection Detector
Built a SQL injection detector with an Express + node:sqlite demo server exposing vulnerable (string-concatenated) and safe (parameterized) login and search endpoints. All 20 node:test tests passed, covering error-based SQLi, authentication bypass, and UNION-based data exfiltration.
Hash Collision Demonstrator
Built a hash algorithm security scanner with an Express demo server exposing MD5 (vulnerable), SHA-1 (deprecated), and SHA-256 (safe) hash endpoints. The server computes a live birthday-attack collision on a 32-bit MD5 prefix at startup. All 23 node:test tests passed.
Brute Force Rate Limiter Demo
Built a brute force protection demo with an Express server exposing a vulnerable endpoint (no rate limiting) and a protected endpoint (IP-based lockout after 5 consecutive failures with 30-second window). A scanner tool probes both and reports findings as structured JSON. All 20 node:test tests passed on first run.
File Entropy Analyzer
Built a Shannon entropy scanner with an Express demo server serving four files at different entropy levels (0, ~4, ~8, ~8 bits/byte). The tool fetches, analyzes, and classifies each file, flagging the two high-entropy blobs as encrypted_or_packed. All 22 node:test tests passed on the first run.
CSRF Token Validator
Built a CSRF token validator with an Express demo server exposing a vulnerable funds-transfer endpoint (no token check), a protected endpoint (synchronizer token + single-use rotation), and cookie endpoints with and without SameSite=Strict. All 21 node:test tests passed on the first run.
AES Encryption Mode Comparison
Built an AES mode comparison tool with an Express demo server exposing ECB (vulnerable), CBC (legacy), CTR (unauthenticated), and GCM (recommended) encrypt endpoints. A scanner detects determinism in ECB, missing auth tags in CBC/CTR, and confirms GCM is clean. All 22 node:test tests passed on the first run.
Input Sanitization Library
Built an input sanitization library with an Express demo server exposing three vulnerable/safe endpoint pairs (HTML escaping, path normalization, command injection). The scanner tool sends attack payloads to all six endpoints and reports findings as structured JSON. All 20 node:test tests passed on the first run.
Log File Anomaly Detector
Built a rule-based log anomaly detector with an Express demo server that seeds realistic access logs containing five injected attack patterns. The tool fetches logs over HTTP, applies five detection rules, and emits structured JSON findings with HIGH/MEDIUM severity ratings. All 23 node:test tests passed on the first run.
JWT Vulnerability Scanner
Built a JWT vulnerability scanner with a FastAPI demo server exposing three attack surfaces: alg=none acceptance, HS256 with a weak crackable secret, and missing expiry validation. The scanner probes all three, cracks the secret via dictionary attack, forges an expired token, and verifies the safe endpoint rejects unsigned tokens. All 27 pytest tests passed on first run after fixing an httpx edge case with trailing-space header values.
HTTP Security Header Auditor
Built an HTTP security header auditor with an Express demo server exposing three endpoints at different security levels (no headers, partial headers, full headers). A weighted scoring system converts the six-header check into an A–F grade; only endpoints below grade A appear in findings. All 27 node:test tests passed on the first run.
Keylogger Detection and Flagging
Built a layered keylogger detection tool with a FastAPI demo server exposing eight scan endpoints (four seeded with indicators, four clean baselines). The tool cross-references process names, registry autorun keys, temp-directory files, and network connections against a rule set to produce a structured JSON threat report with HIGH/MEDIUM severity ratings. All 39 pytest tests passed on the first run after a one-line fix for a Python 3.14 subprocess handle-inheritance issue on Windows.
DNS Record Analyzer
Built a DNS record analyzer with an Express demo server exposing four mock domains at different email authentication security levels (strict, permissive SPF, no auth, monitoring-only DMARC). The tool queries the server's DNS API, parses SPF and DMARC records from TXT entries, and reports misconfigurations as structured JSON findings. All 20 node:test tests passed on the first run.
Email Header Analyzer
Built an email header analyzer with a FastAPI demo server serving four header samples (clean, spoofed sender, missing auth, DMARC p=none). The tool fetches each sample over HTTP, parses Authentication-Results with Python's email module and regex, and reports SPF failures, email spoofing, DMARC failures, and monitoring-only policies as structured JSON findings. All 21 pytest tests passed on the first run.
OAuth 2.0 PKCE Flow Analyzer
Built an OAuth 2.0 PKCE vulnerability scanner with an Express demo server exposing vulnerable (no PKCE, any redirect_uri) and safe (PKCE required, allowlisted redirect_uri) authorization flows. The scanner detects missing code_verifier enforcement and open redirect_uri acceptance. All 24 node:test tests passed on the first run.