Project Ideas
Free hands-on project ideas to build real cybersecurity skills. Pick one and start building.
A Cryptographic Message Project
Write a program to encrypt and decrypt a string message with different types of cryptographic algorithms. Compile the program into an executable with the feature of allowing the user to choose the algorithm to encrypt the message.
A Steganography Message
Embed a secret message inside an innocent looking item, such as an image, text, audio file, computer files, etc.
Attempt Bug Bounties
Apply knowledge and experience by probing for bugs and vulnerabilities on websites and services. Use a bug bounty website, such as HackerOne or BugCrowd to report your findings and receive monetary prizes.
Basic Scripting Project
Using your favorite scripting language such as Bash, PowerShell, or Python, automate the creation of a local user account with a defined set of computer permissions – works best with a Linux distribution.
Build a Backup Server in Linux
A backup server is used to safely store important data, files, and information. If and when data corruption were to happen, a backup server can restore the important information.
Build a Command-Control Server
Command-and-control servers (C2) servers are used by attacker to maintain communications with compromised systems within a target network. Using your preferred programming language, develop a C2 server to establish basic communications with an “attacker” controlled machine (can be a basic Linux server).
Build a NAS
A Network Attach Storage (NAS) device is a file-level computer data storage server to safely provide data and file access for a wide variety of clients. Implement a NAS solution through services such as NFS or Samba, build a small-scale file sharing service.
Build a Password Manager
Use a popular programming language to create, generate, manage, and securely store your passwords. Use a master password to unlock access to all other passwords. Implement with secure cryptographic design.
Code Analysis Project
Dynamic analysis is the testing and evaluation of a program by executing the program, code in real-time to find errors while the program is running. Static analysis is used to debug a program without the code executing the program.
Configure a Firewall in Linux
Linux has a built-in packet filtering firewall which allows system administrators to configure the IP packet filter rules of the Linux firewall.
Configure a Proxy in Linux
A proxy server is an application or appliance that acts as intermediary device to request for clients seeking specific types of services. Forward and reverse are a type of proxy which alter traffic depending on the type.
Configure a Vulnerability Scanner
Setup and configure a popular vulnerability scanner. Create a network of vulnerable host machines and use the scanner to identify known vulnerabilities.
Configure an IDS & IPS
Configure an open-source or free intrusion detection / prevention system. Once you have completed the initial setup, simulate network traffic and analyze how the system works.
Configure the LAMP Stack
The Linux Apache MySQL PHP (LAMP) stack is a common web server implementation. Setup and configure each service to create a web server, sharpen your skills using each service after downloading the LAMP stack.
Create a Basic Network Scanner
Use Python to create a simple network scanner using ARP requests and scan the network for live hosts.
Create a Centralized Syslog Server
A syslog server is a service used to send system logs or event message to a specific server. These servers are primarily used to collect various device logs from different machines to a centralized location for monitoring and review.
Create a Cybersecurity Homelab
Build a homelab environment simulating different components of a business network. This project can be implemented through virtualization or hardware.
Create a Keylogger in Python with Spyware Features
Create a keylogger in python with advanced features including tracking clipboard data, taking screenshots, recording the microphone, gathering key strokes, and recording computer information.
Create a Monitoring System
A monitoring system is a technology used to analyze network operations, performance, and to detect and alert about possible errors in the network.
Create a Phishing Email
Develop a phishing email and see if you can trick some of your close friends into clicking one of dummy links. Inform your friends on the risks of phishing emails if the links have been clicked. Used for the purpose of learning – DO NOT spread real viruses, link to malicious websites, or anything considered illegal.
Create a Port Scanner
A port scanner is a service used to find open ports of computers and devices on a network. Use your favorite programming language to write a port scanner.
Create A Reverse Shell With Python
A reverse shell initiates a shell session from the target to the victim machine. Build a python based reverse-shell generator tool which will dynamically generate the reverse-shell script or payload.
Create a Router with Linux
Routers are used to connect networks together. Using your favorite Linux distribution, configure a basic router with Network Address Translation (NAT), Dynamic Host Control Protocol (DHCP), firewall, and basic routing capabilities.
Create a Secure Backup Plan
Research different types of backup plans and create your own backup server to store and save important files, folders, and documents.
Create a SIEM with the Open-Source ELK Stack
Using the open-source ELK stack (Elastisearch, Logstash, and Kibana), develop security dashboard to trigger and display security alerts when malicious activity is being logged.
Create a Tool Set for CTFs
Develop a set of useful tools to be used during Capture the Flag (CTF) competitions.
Create a VPN Server
Simulate a corporate VPN setup within a homelab using OpenVPN.
Create Firewall Rules with IPTables
Download your favorite Linux distribution and configure IP Packet filter rules for the Linux kernel firewall.
Create GitHub Account
Create a GitHub account. Contribute to open source. Upload and share personal projects related to developing scripts, programs, and software.
Create Windows Firewall Rules
Install any version of Windows on virtual machine and create a set of firewall rules to properly secure the machine from inbound and outbound traffic.
Deep Packet Inspection Project
Deep packet inspection (DPI) is a type of data processing that inspects in detail, data being sent over the network. Use a DPI tool to evaluate how DPI works.
Develop a Website Blog
Create a website blog. Share a perspective, write about a topic learned, an experience, write documentation, or share a helpful resource.
DNS Server & Security
Research DNS attacks and build a small-scale DNS server. Add the proper security measures to the DNS Server.
Explore an Offensive Linux Distribution
Offensive Linux distributions such as Kali by Offensive Security or Parrot OS are used by penetration testers, forensic analysts, and web application security researchers to test and identify security vulnerabilities and weaknesses in services, applications, networks, and more.
File Encryption
Use a popular file encryption program such as BitLocker, VeraCrypt, DiskCryptor to encrypt and decrypt files and folders. Apply and analyze the use different algorithms.
Fuzzing Project
Fuzzing or fuzz testing is an automated software used to test error handling of a software by providing invalid, unexpected, or random data inputs. Use a fuzz tool to test, track, and handle potential errors of a developed software program.
Honeypot Testing
A honeypot is a computer security mechanism or "trap" set to detect and deflect unauthorized attempts for proprietary and confidential information. Set up an open source honeypot and try accessing the confidential information.
Install Linux Onto a USB Drive
Download your favorite distribution of Linux and install a bootable, live version onto a USB Drive.
Investigate Open Source Incident Response Tools
Find an open-source incident response tool and configure the program to monitor the network and alert if any potential security events happen.
MAC Flooding Program
Use your favorite programming language to write a MAC flooding program. MAC flooding is a technique used to compromise the security of network switches.
Nmap Tool & Scanning
Use the popular network scanner and tool, Nmap, to scan and identify hosts and services on the network. Create a small network of vulnerable machines and use Nmap to scan for details and more information on each machine.
Packet Sniffing – Analyze Network Packets
Use an established packet sniffing program such as Wireshark, Windump, or TCPdump to scan, identify, and analyze network packets.
Password Attack Challenge
Passwords are an important, yet overlooked component of maintaining proper security posture. According to the NIST 800-63 Password Guidelines, a password should be at least 8 characters minimum, use all ASCII characters, support a 64 character maximum length, but should not be too complex due to causing poor password behavior in the long run.
Pi Hole
Want to create a local device to block advertisements from being displayed?
Raspberry Pi Cloud
Turn your Raspberry Pi into a personal cloud device. Use your Pi Cloud to store files locally and access your files from public networks.
Raspberry Pi Homelab With Docker
Build a small, containerized homelab with the Docker Engine. Using a Raspberry Pi, install the Docker Engine and use containers to host small, lightweight machines.
Raspberry Pi Network Scanner
A network scanner is a computer program used to locate devices running on a network.
Raspberry Pi VPN
Using your Raspberry Pi device, create a VPN server using PiVPN. Connect to your Pi VPN and enjoy safe browsing anywhere you go under your direct control.
Research Secure Coding Practices
Research secure coding practices and standards. Try creating an insecure version of code and then apply the secure coding practice. Use a programming language such as C, C++, Java, PHP, and JavaScript.
Retrieve a Deleted File
Create a simple text file and "permanently" delete the file from your machine. Now try to find and recover the deleted file from your machine.
Safe Folder App with Password
Copy and save folders, files, and photos in a safe folder with password security. You can view, add, and delete items within the safe folder.
Setup a Web Server
Create a web server using a web server service such as Apache and add security best practices to the server to ensure the server is hardened.
Setup and Manage a SIEM
Setup and manage an open-source or free security information event management (SIEM) platform used to aggregate, organize, and prioritize security alerts.
Setup and Manage an Open Source Firewall
Setup and configure an open source firewall, such as PFsense to filter malicious and unwanted connections.
SQL Vulnerability Assessment
Structured Query Language (SQL) is used all over the web and is vulnerable to an injection attack known as a SQL injection attack. Using the SQL language, learn how to conduct a SQL injection and ways to mitigate this attack.
The Complete Wireless Attack Project
A three-step project to get you started with understanding and conducting wireless attacks.
The Hack The Box Walkthrough Project
Hack The Box is an online platform used to test and advance your skills in penetration testing by providing access to vulnerable machines.
The Information Gathering Project
Information gathering is one of the first basic steps when conducting a successful penetration test. During the information gathering phase, the main focus is to collect facts about the target device or machine such as IP addresses, available services, and open ports.
The Injections Project
Web injections are used against websites and web-based applications to gain access to sensitive information, elevate privileges, and view private data.
The Secure File Sharing Service
Configure and use a secure file sharing service, such as SFTP, to securely transfer files over an unsecure medium.
The Sniffing Spoofing Project
Sniffing is the process of intercepting and collecting network traffic as it passes over a digital network. Spoofing is the act of disguising a communication from an unknown source as being trustworthy.
The Socket Programming Project
Socket programming is a way for two nodes on a network to communicate with each other. Learn about socket programming and apply your knowledge to create a monitoring system.
Vulnerable Machine Challenges
Use a service like Vulnhub, TryHackMe, CyberSecLabs, or Hack the Box. Download vulnerable virtual machines. Probe for and analyze vulnerabilities.
Web Security Attacks Project
Learn the types of website application attacks used to elevate privileges and exploit vulnerabilities against a website or web application. Test your knowledge by using a tool or technique in a controlled, home network.
Write a Hash Cracker
Using your favorite programming language, write a program to crack weak hashing algorithms. Compile your code into an executable and supply a hash.
Write a Password Generator Program
Use a popular programming or scripting language, such as python, bash, C, etc to generate a strong, secure password. Compile this generator into an executable so you can generate passwords for the services you set up.
Write a Program to Break a Caesar Cipher
Use your favorite programming language to encrypt a string message with a Caesar Cipher. Write a program to break the encrypted string message.
Write an HTTP Proxy
Write an HTTP proxy to examine web traffic and identify suspicious content.
YouTube Channel
Start a YouTube channel. Share a perspective, create walkthroughs, develop tutorials, share a resourceful tool and much more through the use of video sharing.
No projects found. Try a different search or category.