<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://defhopeee.github.io/</id><title>Hope Njoki Nyambura</title><subtitle>Portfolio of Hope Njoki Nyambura — Full-Stack Developer with expertise in web development, cybersecurity, and data analysis. Showcasing projects, lab challenges, resume, and certifications.</subtitle> <updated>2025-09-27T18:50:36+00:00</updated> <author> <name>Hope Njoki Nyambura</name> <uri>https://defhopeee.github.io/</uri> </author><link rel="self" type="application/atom+xml" href="https://defhopeee.github.io/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://defhopeee.github.io/"/> <generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator> <rights> © 2025 Hope Njoki Nyambura </rights> <icon>/assets/img/favicons/favicon.ico</icon> <logo>/assets/img/favicons/favicon-96x96.png</logo> <entry><title>Personal Portfolio Website</title><link href="https://defhopeee.github.io/posts/personal-portfolio/" rel="alternate" type="text/html" title="Personal Portfolio Website" /><published>2025-08-01T00:00:00+00:00</published> <updated>2025-09-27T18:47:34+00:00</updated> <id>https://defhopeee.github.io/posts/personal-portfolio/</id> <content type="text/html" src="https://defhopeee.github.io/posts/personal-portfolio/" /> <author> <name>Hope Njoki Nyambura</name> </author> <summary>Summary: Mobile-first portfolio showcasing projects, resume, and lab challenges. Tech Stack: Jekyll (Chirpy), HTML, CSS, JavaScript Key Features: Responsive design Project writeups and downloadable resume Contact form integrating email Lessons Learned: Clear UX, fast-loading assets, and concise content improve visitor engagement.</summary> </entry> <entry><title>SQL Injection — Login Bypass</title><link href="https://defhopeee.github.io/posts/sqli-lab/" rel="alternate" type="text/html" title="SQL Injection — Login Bypass" /><published>2025-07-01T00:00:00+00:00</published> <updated>2025-09-27T18:45:34+00:00</updated> <id>https://defhopeee.github.io/posts/sqli-lab/</id> <content type="text/html" src="https://defhopeee.github.io/posts/sqli-lab/" /> <author> <name>Hope Njoki Nyambura</name> </author> <summary>Problem Statement: Exploit a vulnerable login form in a training web app. Approach: Inspect login POST request with Burp Suite. Inject ' OR '1'='1 payload to bypass login. Extracted a username safely from the test database. Tools Used: Burp Suite, sqlmap, local test DB Lessons Learned: Parameterized queries prevent SQL injection; never build SQL with unsanitized input.</summary> </entry> <entry><title>Local File Inclusion (LFI) Lab</title><link href="https://defhopeee.github.io/posts/lfi-lab/" rel="alternate" type="text/html" title="Local File Inclusion (LFI) Lab" /><published>2025-06-01T00:00:00+00:00</published> <updated>2025-09-27T18:45:04+00:00</updated> <id>https://defhopeee.github.io/posts/lfi-lab/</id> <content type="text/html" src="https://defhopeee.github.io/posts/lfi-lab/" /> <author> <name>Hope Njoki Nyambura</name> </author> <summary>Problem Statement: Identify and exploit a Local File Inclusion vulnerability in a training app. Approach: Recon: Found ?page= parameter vulnerable to include(). Proof of Concept: ?page=../../../../etc/passwd Remediation: Sanitize input, whitelist files, use realpath(). Tools Used: Browser, Burp Suite, curl, PHP sandbox Lessons Learned: Never include files from unsanitized user input;...</summary> </entry> <entry><title>Secure Online Exam System</title><link href="https://defhopeee.github.io/posts/secure-online-exam/" rel="alternate" type="text/html" title="Secure Online Exam System" /><published>2025-05-01T00:00:00+00:00</published> <updated>2025-09-27T18:44:25+00:00</updated> <id>https://defhopeee.github.io/posts/secure-online-exam/</id> <content type="text/html" src="https://defhopeee.github.io/posts/secure-online-exam/" /> <author> <name>Hope Njoki Nyambura</name> </author> <summary>Summary: Exam platform with lockdown browser features to reduce cheating. Tech Stack: PHP, JavaScript, MySQL Key Features: Timed exams and question randomization Lockdown mode to disable copy/paste/navigation Results analytics dashboard Impact: Lockdown features contributed to a 75% drop in detected cheating attempts. Lessons Learned: Combine client-side controls with server-side va...</summary> </entry> <entry><title>E-Commerce Shoe Ordering System</title><link href="https://defhopeee.github.io/posts/ecommerce-shoe-ordering/" rel="alternate" type="text/html" title="E-Commerce Shoe Ordering System" /><published>2025-03-01T00:00:00+00:00</published> <updated>2025-09-27T18:43:54+00:00</updated> <id>https://defhopeee.github.io/posts/ecommerce-shoe-ordering/</id> <content type="text/html" src="https://defhopeee.github.io/posts/ecommerce-shoe-ordering/" /> <author> <name>Hope Njoki Nyambura</name> </author> <summary>Summary: Built a scalable e-commerce platform focused on shoe orders, integrated M-Pesa STK payment. Tech Stack: PHP, MySQL, JavaScript, HTML/CSS, M-Pesa STK API Key Features: Product catalog, cart, and checkout M-Pesa STK payment integration Admin dashboard for order management Impact: Handled 150+ orders/month during pilot run. Lessons Learned: Payment integration details (callbac...</summary> </entry> </feed>
