The latest articles on DEV Community by Abdushshakur Sulaiman Abubakar (@shakoury). https://dev.to/shakoury https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3724981%2F4f751879-3be2-485f-b2e8-a16a2c518d99.jpg https://dev.to/shakoury en Abdushshakur Sulaiman Abubakar Thu, 22 Jan 2026 02:07:24 +0000 https://dev.to/shakoury/support-me-with-advice-and-feedback-1j54 https://dev.to/shakoury/support-me-with-advice-and-feedback-1j54 <p>HAsh_Scanner — ML-Enhanced Phishing Detection System</p> <p>I developed HAsh_Scanner, a web application that checks URLs in real time to detect phishing websites using machine learning and security checks.</p> <p>Overview: Phishing attacks are one of the most common online threats, often using fake websites to steal passwords, bank details, or personal information. HAsh_Scanner is designed to help users verify links before visiting them, providing a clear risk assessment rather than a simple safe/unsafe label.</p> <p>How It Works:</p> <p>When a URL is submitted, the system performs multiple checks simultaneously.</p> <p>URL Analysis: Examines subdomains, special characters, unusual encoding, and IP-based URLs. Detects patterns common in phishing links.</p> <p>Domain Intelligence: Evaluates domain age, registration info, SSL certificate validity, and high-risk TLDs. New domains or unusual registrars are flagged.</p> <p>Content Inspection: Searches for phishing keywords (verify, update, suspend, login) and common phishing page structures.</p> <p>Machine Learning: Trained on over 156,000 real-world phishing URLs, the system identifies brand impersonation, suspicious paths, and subdomain abuse.</p> <p>Risk Scoring: Aggregates all findings into a risk score from 0–100 to give users a nuanced view of potential threats.</p> <p>Validation and Testing:</p> <p>Tested on 51 legitimate websites, including major brands and banks: 0 false positives, average risk score 1.2.</p> <p>Tested on 20 known phishing patterns: 70% detection rate, highest scores aligned with the most dangerous sites.</p> <p>The system balances detection accuracy with minimal false positives to maintain trust.</p> <p>Platform Security:</p> <p>Custom middleware to handle requests securely.</p> <p>Rate limiting (15 requests per minute, 100 per hour) and bot detection to prevent abuse.</p> <p>Content Security Policy, XSS, and clickjacking protections.</p> <p>HTTPS-only deployment ensures encrypted communications.</p> <p>Technology Stack:</p> <p>Backend: Python, Flask, Gunicorn</p> <p>Machine Learning: Pattern recognition and heuristic analysis</p> <p>Frontend: HTML5 / CSS3, responsive design</p> <p>Deployment: Render with auto-deploy from GitHub, global CDN</p> <p>Design Principles:</p> <p>Minimize false positives</p> <p>Explainable results rather than black-box decisions</p> <p>Privacy-first approach: no URL storage or user tracking</p> <p>Built for practical use in real-world scenarios, not only lab testing</p> <p>Live Demo: <a href="https://hash-scanner-1.onrender.com" rel="noopener noreferrer">https://hash-scanner-1.onrender.com</a></p> <p>I welcome feedback from my mentors, developers and cyber security professionals to improve the system and expand it's capabilities.</p> <p>Note: I am still a student and learning, so I may make mistakes. Your feedback is appreciated.<br> <a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F58muapnqb4xep5v82d6d.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F58muapnqb4xep5v82d6d.png" alt=" " width="720" height="1600"></a></p> webdev programming beginners python