Cybersecurity
- Threat analysis and vulnerability assessment
- Security research and defensive tooling
- Incident-aware design and reporting
Cybersecurity | Software Development | Pentesting
Evaristo Ndowera
Cybersecurity enthusiast specializing in penetration testing and vulnerability assessment. Building practical tooling, security automation, and resilient systems for real-world defense.
49
contributions last year
33
commits in Feb 2026
7
repos created in Feb 2026
Current focus
- Security research and ethical hacking
- Advanced exploitation and web security
- Threat analysis and security automation
Signature strength
Blending offensive testing with software craftsmanship to ship tools that are reliable, transparent, and ready for the field.
About
Practical security, measured reporting, and clean engineering.
Security mindset
Focused on finding vulnerabilities before adversaries do, with disciplined testing and clear, actionable remediation guidance.
Engineering craft
Builds maintainable Python tooling, automation workflows, and web systems that support repeatable security processes.
Collaboration
Active in open source, looking to collaborate on security tools, research, and high-trust software.
Qualifications focus
Three pillars that drive the work.
Penetration testing
- Recon, enumeration, and risk prioritization
- Exploitation techniques with ethical controls
- Clear impact narratives and remediation steps
Software development
- Python tooling, automation, and APIs
- Web applications with security by design
- Version control and documentation discipline
Capability matrix
Depth across security, automation, and delivery.
Security analysis
Scanning, risk notes, and remediation guidance.
Python tooling
CLI utilities, reporting, and testable modules.
Web interfaces
Flask demos, templates, and responsive UI.
Automation
Log analysis, monitoring, and workflow scripting.
Infrastructure basics
Linux, networking, and safe testing workflows.
Data handling
SQLite, JSON/CSV reporting, and parsers.
2026 Security Projects
Projects updated or created this year with security at the core.
KEYLOGGER_DEFENSE_TOOLS
PythonDefensive keylogger awareness tools for Linux, including input-device detection and consent-based keystroke demo flows.
file_integrity_monitor
PythonFile integrity monitoring toolkit focused on detecting tampering and suspicious changes across sensitive assets.
Network Port Scanner
PythonMulti-threaded network scanner with service detection, enumeration, and reporting for fast infrastructure visibility.
Password Strength Checker
PythonEntropy-based password analysis with pattern detection, scoring tiers, and a Flask interface for real-time testing.
WhatsApp Calendar Agent
Python, DockerAutomated scheduling agent integrating WhatsApp messaging with calendar workflows for streamlined event management.
Scripting
PythonRapid security scripting collection supporting automation, offensive testing workflows, and tooling prototypes.
Case studies
Problem, approach, and results for key projects.
Network Port Scanner
Problem
Need fast, repeatable visibility across hosts and ports with minimal setup.
Approach
Thread pool scanner that supports ranges, CIDR, TCP or UDP, plus progress and ETA.
Results
Exportable CSV or JSON reports and a local-only web UI wrapper for safer demos.
File Integrity Monitor
Problem
Detect file tampering and changes across sensitive assets with clarity.
Approach
Baseline hashing with SHA-256, scanning diffs, and optional real-time watching.
Results
Clear created/modified/deleted alerts, log files, and JSON configuration control.
Lab notes
Short write-ups tied to the repositories.
Password Strength Checker
Entropy-based scoring, blacklist checks, and pattern detection with JSON output.
RepositoryKeylogger Defense Tools
Process scanning for input-device access plus a consent-based demo app.
RepositoryScripting Lab
Auth-log analyzer with follow mode, blocklist output, and dry-run auto-blocking.
RepositoryWhatsApp Calendar Agent
Flask service with Twilio webhooks, Google Calendar, and SQLite persistence.
RepositoryWriting & docs
Technical references, usage guides, and deeper breakdowns.
Password Strength Checker
Deep technical breakdown and design notes.
DETAILED_DOCUMENTATION.mdNetwork Port Scanner
Usage reference with examples and safety guidance.
docs/USAGE.mdScripting Lab
Lab documentation and CLI reference for the scripts.
LAB_DOCUMENTATION.mdExperience highlights
Case-study style snapshots that show impact and approach.
Network scanning tooling
Built a scanner that handles ranges, CIDR blocks, and flexible port selection.
- Added TCP and UDP support with thread pooling
- Reported progress and ETA during scans
- Exported findings to CSV and JSON
Password strength checker
Built a CLI and web demo for password evaluation with clear, actionable feedback.
- Scored passwords with entropy and character variety
- Flagged blacklist hits and pattern weaknesses
- Provided JSON output for integrations
File integrity monitoring
Built a baseline and scanning workflow with optional real-time watching.
- Tracked created, modified, and deleted files
- Logged results to console and file
- Configured scans with JSON settings
Defensive keylogger awareness
Built tools that inspect input-device access with a safe, consent-based demo.
- Flagged suspicious process patterns
- Generated JSON or CSV outputs
- Documented safe usage and limits
WhatsApp calendar agent
Built a Flask service that schedules events through WhatsApp and Google Calendar.
- Integrated Twilio WhatsApp webhooks
- Parsed intents with a lightweight NLP flow
- Stored events with SQLite and SQLAlchemy
Tooling and stack
Security-focused technologies and platforms in active use.
Security tools
Metasploit, Wireshark, Nmap, Burp Suite, SQLMap, Nikto
Languages
Python, JavaScript
Platforms
Linux, Ubuntu, Git, GitHub, Docker
Databases
MongoDB, PostgreSQL
Certifications
Verified training and professional development.
TryHackMe badge
Live progress from my TryHackMe profile and room streak.
Contact
Open to collaboration, consulting, and security-focused roles.
Start a conversation
Email is the fastest way to connect.