60 hands-on cybersecurity projects with full source code, from beginner to advanced level.
10 structured career paths with certification guides for SOC Analyst, Pentester, Security Engineer, and more.
Tools, courses, certifications, communities, and frameworks for cybersecurity professionals.
| Project | Info | What You'll Learn |
|---|---|---|
| Simple Port Scanner Async TCP port scanner in C++ |
   |
TCP socket programming • Async I/O patterns • Service detection Source Code | Docs |
| Keylogger Capture keyboard events with timestamps |
 |
Event handling • File I/O • Ethical considerations Source Code | Docs |
| Caesar Cipher CLI encryption/decryption tool |
|
Classical cryptography • Brute force attacks • CLI design Source Code | Docs |
| DNS Lookup CLI Tool Query DNS records with WHOIS |
 |
DNS protocols • WHOIS queries • Reverse DNS lookup Source Code | Docs |
| Simple Vulnerability Scanner Check software against CVE databases |
  |
CVE databases • Dependency scanning • Vulnerability assessment Source Code | Docs |
| Metadata Scrubber Tool Remove EXIF and privacy metadata |
 |
EXIF data • Privacy protection • Batch processing Source Code | Docs |
| Network Traffic Analyzer Capture and analyze packets |
|
Packet capture • Protocol analysis • Traffic visualization Source Code | Docs |
| Hash Cracker Dictionary and brute-force cracking |
  |
Hash algorithms • Dictionary attacks • Password security Learn More |
| Steganography Tool Hide messages in images |
|
LSB steganography • Image manipulation • Data hiding Learn More |
| MAC Address Spoofer Change network interface MAC |
 |
Network interfaces • MAC addresses • Vendor lookup Learn More |
| File Integrity Monitor Monitor directories with checksums |
 |
Cryptographic hashing • File monitoring • Alert systems Learn More |
| Security News Scraper Aggregate cybersecurity news |
 |
Web scraping • CVE parsing • Database storage Learn More |
| Phishing URL Detector Analyze URLs for phishing |
|
URL analysis • Typosquatting detection • Safe browsing APIs Learn More |
| SSH Brute Force Detector Monitor and block SSH attacks |
 |
Log parsing • Attack detection • Firewall automation Learn More |
| WiFi Network Scanner Scan wireless networks |
 |
Wireless protocols • Encryption types • Rogue AP detection Learn More |
| Base64 Encoder/Decoder Multi-format encoding tool |
 |
Base64/32 encoding • URL encoding • Auto-detection Learn More |
| Firewall Log Parser Parse and visualize logs |
 |
Log parsing • Pattern recognition • Data visualization Learn More |
| ARP Spoofing Detector Detect ARP attacks |
|
ARP protocol • MAC tracking • MITM detection Learn More |
| Windows Registry Monitor Track registry changes |
|
Windows registry • Persistence detection • System monitoring Learn More |
| Ransomware Simulator Educational encryption demo |
 |
File encryption • Ransomware behavior • Ethical testing Learn More |
| Project | Info | What You'll Learn |
|---|---|---|
| Reverse Shell Handler Multi-client shell server |
  |
Socket programming • Command execution • File transfer Learn More |
| SIEM Dashboard Log aggregation with correlation |
   |
SIEM concepts • Log correlation • Full-stack development Learn More |
| Threat Intelligence Aggregator Collect and enrich IOCs |
|
Threat feeds • IOC enrichment • API integration Learn More |
| OAuth Token Analyzer Decode and validate JWT |
|
JWT tokens • OAuth vulnerabilities • Signature validation Learn More |
| Web Vulnerability Scanner Automated XSS, SQLi, CSRF testing |
|
Web vulnerabilities • Async scanning • Plugin architecture Learn More |
| DDoS Mitigation Tool Detect traffic spikes |
|
DDoS detection • Rate limiting • Anomaly detection Learn More |
| Container Security Scanner Scan Docker misconfigurations |
  |
Container security • Dockerfile analysis • Docker API Learn More |
| API Security Scanner Enterprise API vulnerability scanner |
 |
OWASP API Top 10 • ML fuzzing • GraphQL/SOAP testing Source Code | Docs |
| Wireless Deauth Detector Monitor WiFi deauth attacks |
 |
Wireless security • Packet sniffing • Attack detection Learn More |
| Active Directory Enumeration Enumerate AD infrastructure |
|
LDAP queries • AD structure • Privilege analysis Learn More |
| Binary Analysis Tool Disassemble and analyze executables |
|
Binary analysis • String extraction • Malware detection Learn More |
| Network Intrusion Prevention Real-time packet inspection |
|
IPS concepts • Snort rules • Firewall integration Learn More |
| Password Policy Auditor Audit password policies |
|
Password security • Policy compliance • Weak password detection Learn More |
| Cloud Asset Inventory Discover cloud resources |
 |
Cloud APIs • Asset discovery • Cost tracking Learn More |
| OSINT Reconnaissance Framework Aggregate public intelligence |
|
OSINT techniques • Data aggregation • Target profiling Learn More |
| SSL/TLS Certificate Scanner Scan for SSL misconfigurations |
|
TLS/SSL protocols • Certificate validation • Cipher analysis Learn More |
| Mobile App Security Analyzer Decompile and analyze mobile apps |
|
APK/IPA analysis • Reverse engineering • OWASP Mobile Learn More |
| Backup Integrity Checker Verify backup integrity |
|
Backup validation • Restoration testing • Checksum verification Learn More |
| Web Application Firewall Reverse proxy with filtering |
|
WAF concepts • Request filtering • Attack blocking Learn More |
| Privilege Escalation Finder Identify privilege escalation |
|
Privilege escalation • SUID binaries • Weak permissions Learn More |
| Network Baseline Monitor Monitor network behavior |
|
Baseline analysis • Anomaly detection • Traffic patterns Learn More |
| Docker Security Audit CIS Docker Benchmark scanner |
|
CIS benchmarks • Container security • Multiple output formats Source Code | Docs |
| Project | Info | What You'll Learn |
|---|---|---|
| API Rate Limiter Distributed rate limiting middleware |
   |
Token bucket algorithm • Distributed systems • Redis backend Source Code | Docs |
| Encrypted Chat Application Real-time E2EE messaging |
   |
Signal Protocol • Double Ratchet • WebAuthn • WebSockets Source Code | Docs |
| Exploit Development Framework Modular exploitation framework |
 |
Exploit development • Payload generation • Plugin architecture Learn More |
| AI Threat Detection ML-based traffic classification |
 |
Machine learning • Network traffic analysis • Model deployment Learn More |
| Bug Bounty Platform Full vulnerability disclosure platform |
 |
Full-stack development • CVSS scoring • Workflow automation Source Code | Docs |
| Cloud Security Posture Management Multi-cloud misconfiguration scanner |
 |
Cloud security • CIS benchmarks • Multi-cloud APIs Learn More |
| Malware Analysis Platform Automated sandbox analysis |
|
Malware analysis • Sandboxing • YARA rules • IOC extraction Learn More |
| Quantum Resistant Encryption Post-quantum cryptography |
|
Post-quantum algorithms • Hybrid encryption • Kyber/Dilithium Learn More |
| Zero Day Vulnerability Scanner Coverage-guided fuzzing |
 |
Fuzzing • Vulnerability research • Crash triage Learn More |
| Distributed Password Cracker GPU-accelerated cracking |
 |
Distributed systems • GPU computing • Hash cracking Learn More |
| Kernel Rootkit Detection Detect kernel-level rootkits |
|
Kernel internals • Memory forensics • Rootkit detection Learn More |
| Blockchain Smart Contract Auditor Solidity vulnerability analysis |
 |
Smart contracts • Static analysis • Solidity security Learn More |
| Adversarial ML Attacker Generate adversarial examples |
|
Adversarial ML • FGSM/DeepFool • Model robustness Learn More |
| Advanced Persistent Threat Simulator Multi-stage APT simulation |
|
APT techniques • C2 infrastructure • Lateral movement Learn More |
| Hardware Security Module Emulator Software HSM with PKCS#11 |
|
HSM concepts • PKCS#11 interface • Cryptographic operations Learn More |
| Network Covert Channel Data exfiltration techniques |
|
Covert channels • Data exfiltration • Steganography Learn More |
| Automated Penetration Testing Full pentest automation |
|
Pentest automation • Recon to exploitation • Report generation Learn More |
| Supply Chain Security Analyzer Dependency vulnerability analysis |
|
Supply chain security • Dependency analysis • Malicious packages Learn More |
Certification Roadmaps - Career paths for SOC Analyst, Pentester, Security Engineer, GRC Analyst, and 6 more tracks
Learning Resources - Tools, courses, certifications, YouTube channels, Reddit communities, and security frameworks
![@dependabot[bot]](https://avatars-githubusercontent-com.github.com/in/29110?s=64&v=4){kind=small}
![@qodo-code-review[bot]](https://avatars-githubusercontent-com.github.com/in/484649?s=64&v=4){kind=small}
