Mugeha Jackline

Code smart. Break smarter. Secure everything.

#TechTrailblazer #CyberGuardian

I’m a curious, hands-on developer currently diving into application security, not just learning the tools, but understanding the mindset behind secure systems. I care about how things are built, but even more about how they can break (and how to prevent that).

My background in full-stack development gives me an edge when thinking like both a builder and a breaker. Right now, I’m focused on leveling up in AppSec, exploring web vulnerabilities, secure coding practices, and how real-world systems hold up under pressure.

I enjoy challenges that push me to think deeper and move smarter. Whether it’s exploring a new vulnerability or tweaking an auth flow, I’m driven by the need to make tech cleaner, safer, and more reliable.

This isn’t just a career path, it’s a mindset shift. I’m here for the learning curve, the late-night debugging, and the a-ha moments that come from really getting how things work under the hood.

I created a Phishing Awareness Training Module to educate users on identifying and avoiding phishing attacks. The module included detailed slides, visual demonstrations, real-world case studies, and interactive quizzes to enhance learning. I also recorded a video explanation and shared the project on GitHub for accessibility. This project strengthened my cybersecurity knowledge and communication skills, allowing me to present security concepts in an engaging way while promoting online safety.

Built a real-world password strength tester using React, zxcvbn (Dropbox's password analyzer), and the HaveIBeenPwned API.

• Provides real-time strength scoring, suggestions, and warnings
• Uses SHA-1 hashing + k-anonymity to check if a password has been exposed in public data breaches
• Includes a secure password generator and clipboard copy functionality

This was a full-stack security-focused side project meant to combine frontend dev with practical infosec principles.

🚨 SQL Injection: Built it. Broke it. Fixed it.

I created a vulnerable login system to understand how SQL injection works — then secured it using prepared statements, input validation, and basic logging.

#Cybersecurity #WebSecurity #PHP #SQLInjection

🔐 My Web Encryption & Decryption Tool!

Ever wondered how encryption actually works under the hood? I built a lightweight Flask app that lets you encrypt and decrypt text in real-time — right in your browser. It uses Fernet (AES 128 encryption).

Whether you're learning cybersecurity or just curious about how data can be safely transformed, this is a great place to start!

💡 Built with:

• Python + Flask
• HTML/CSS (custom-styled UI)
• cryptography (Fernet encryption)
• Hosted on Render
• Clean code and secure practices

I’d love to hear your thoughts — feedback, suggestions, or just a thumbs-up! 🙌

#CyberSecurity #Flask #Python #Encryption #DevProjects #BuildInPublic #WomenWhoCode

I built a Honeypot to catch attackers in action

As part of my cybersecurity learning journey, I deployed Cowrie, a honeypot that pretends to be a vulnerable SSH/Telnet server. Instead of defending, I watched how attackers behaved when they thought they had found an easy target.

What I did:  

- Set up Cowrie honeypot on Kali Linux  

- Captured attacker IPs, usernames, and commands

- Parsed logs with `jq` → CSV  

- Built Python visualizations (Top IPs, Top Usernames, Timeline of attacks) 

🔍 Key insight: most attackers are bots using brute force with `root` or `admin`.  

📊 Turning raw logs into clear graphs made the attacks easy to analyze.  

This project taught me about deception technologies, attack monitoring, and data-driven analysis.

Github link - Repo-link

Blog post - Click here to view the blog

🚀 Just wrapped up a Metasploit penetration testing lab, from exploit to post-exploitation, all done in a safe virtual environment (Kali + Metasploitable2).

💡 The project walks through:

• Realistic reconnaissance and exploitation workflows
• Custom auxiliary module development inside Metasploit
• Post-exploitation techniques like privilege escalation, routing, and pivoting
• Clean lab documentation & automation using resource scripts

🧠 The focus wasn’t just “getting root,” but mastering the entire Metasploit workflow — payloads, sessions, auto-routing, and data handling — like an actual red-team operator would.

📁 I’ve documented everything, including a custom module, a step-by-step guide, and an ethical framework for lab testing.

🔗 Blog post: Link

💻 Github-link : github-link

#CyberSecurity #Metasploit #PenTesting #EthicalHacking #CyberSecPortfolio #RedTeam

Keylogger Detection & Response Agent (Windows)

Built a Python-based heuristic detection tool with a Tkinter GUI to detect, log, quarantine, and terminate keylogger-like processes. Detection uses process path heuristics, open file handle analysis, persistence registry scanning, and outbound connection checks. Implemented automated containment and GUI controls for manual scanning, quarantine inspection, and screenshot logging.

Tech: Python, psutil, pywin32, WMI, Tkinter.

Github repo link