Made possible by CertGames
Currently building: Binary Analysis Tool
67 hands-on cybersecurity projects with full source code, from beginner to advanced level.
10 structured career paths with certification guides for SOC Analyst, Pentester, Security Engineer, and more.
Tools, courses, certifications, communities, and frameworks for cybersecurity professionals.
| Project | Info | What You'll Learn |
|---|---|---|
| Simple Port Scanner Async TCP port scanner in C++ @deniskhud |    | TCP socket programming β’ Async I/O patterns β’ Service detection Source Code | Docs |
| Keylogger Capture keyboard events with timestamps |  | Event handling β’ File I/O β’ Ethical considerations Source Code | Docs |
| Caesar Cipher CLI encryption/decryption tool | | Classical cryptography β’ Brute force attacks β’ CLI design Source Code | Docs |
| DNS Lookup CLI Tool Query DNS records with WHOIS |  | DNS protocols β’ WHOIS queries β’ Reverse DNS lookup Source Code | Docs |
| Simple Vulnerability Scanner Check software against CVE databases |   | CVE databases β’ Dependency scanning β’ Vulnerability assessment Source Code | Docs |
| Metadata Scrubber Tool Remove EXIF and privacy metadata @Heritage-XioN |  | EXIF data β’ Privacy protection β’ Batch processing Source Code | Docs |
| Network Traffic Analyzer Capture and analyze packets |  | Packet capture β’ Protocol analysis β’ Traffic visualization Source (C++) | Docs (C++) | Source (Python) | Docs (Python) |
| Hash Cracker Dictionary and brute-force cracking |  | Hash algorithms β’ Dictionary attacks β’ Password security Source Code | Docs |
| Steganography Multi-Tool Hide data in images, audio, QR, PDFs, text |  | Multi-format steganography β’ Zero-width Unicode β’ Audio LSB β’ QR exploitation Learn More |
| Ghost on the Wire L2 attack & defense: MAC spoofing + ARP detection |  | ARP protocol β’ MAC spoofing β’ MITM detection β’ L2 trust mapping Learn More |
| Canary Token Generator Self-hosted honeytokens that alert on access | | Deception defense β’ Honeytokens β’ Webhook alerting β’ Intrusion detection Learn More |
| Security News Scraper Aggregate cybersecurity news |  | Web scraping β’ CVE parsing β’ Database storage Learn More |
| Phishing Domain Generator & Quishing Scanner Typosquat generation + QR phishing detection | | Homoglyph attacks β’ Typosquatting β’ QR code analysis β’ Domain intelligence Learn More |
| SSH Brute Force Detector Monitor and block SSH attacks |  | Log parsing β’ Attack detection β’ Firewall automation Learn More |
| Simple C2 Beacon Command and Control beacon/server |   | C2 architecture β’ MITRE ATT&CK β’ WebSocket protocol β’ XOR encoding Source Code | Docs |
| Base64 Encoder/Decoder Multi-format encoding tool |  | Base64/32 encoding β’ URL encoding β’ Auto-detection Source Code | Docs |
| Linux CIS Hardening Auditor CIS benchmark compliance checker |  | CIS benchmarks β’ System hardening β’ Compliance scoring β’ Shell scripting Learn More |
| Systemd Persistence Scanner Hunt Linux persistence mechanisms | | Persistence techniques β’ Systemd internals β’ Cron analysis β’ Threat hunting Learn More |
| Linux eBPF Security Tracer Real-time syscall tracing with eBPF |  | eBPF programs β’ Syscall tracing β’ BCC framework β’ Security observability Learn More |
| Trojan Application Builder Educational malware lifecycle demo | | Trojan anatomy β’ Data exfiltration β’ File encryption β’ Attack lifecycle Learn More |
| DNS Sinkhole Pi-hole-style malware domain blocker | | DNS protocol β’ Blocklist management β’ Query logging β’ Network defense Learn More |
| Firewall Rule Engine Parse and validate iptables/nftables rules |  | Firewall internals β’ Rule parsing β’ iptables/nftables β’ V language Learn More |
| LLM Prompt Injection Firewall Detect and block prompt injection attacks | | AI security β’ Prompt injection β’ Input sanitization β’ LLM defense Learn More |
| Project | Info | What You'll Learn |
|---|---|---|
| Payload Obfuscation Engine Multi-layer payload obfuscation toolkit |   | Obfuscation techniques β’ Polymorphism β’ AV evasion β’ Signature detection Learn More |
| SIEM Dashboard Log aggregation with correlation |  | SIEM concepts β’ Log correlation β’ Full-stack development Source Code | Docs |
| Token Abuse Playground 15+ token vulnerabilities to exploit and fix |  | JWT exploitation β’ OAuth attacks β’ Session security β’ Token forensics Learn More |
| Supply Chain Attack Simulator Fake PyPI package dependency confusion demo |  | Supply chain attacks β’ Dependency confusion β’ Package security β’ PyPI internals Learn More |
| DDoS Mitigation Tool Detect traffic spikes | | DDoS detection β’ Rate limiting β’ Anomaly detection Learn More |
| Secrets Scanner Scan codebases and git history for leaked secrets |  | Secret detection β’ Shannon entropy β’ HIBP k-anonymity β’ SARIF output Source Code | Docs |
| API Security Scanner Enterprise API vulnerability scanner | | OWASP API Top 10 β’ ML fuzzing β’ GraphQL/SOAP testing Source Code | Docs |
| Wireless Deauth Detector Monitor WiFi deauth attacks |  | Wireless security β’ Packet sniffing β’ Attack detection Learn More |
| Credential Harvester Post-exploitation credential collection |  | Credential extraction β’ Browser forensics β’ Red team tooling β’ Nim language Learn More |
| Binary Analysis Tool Disassemble and analyze executables | | Binary analysis β’ String extraction β’ Malware detection Learn More |
| Chaos Engineering Security Tool Inject security failures to test resilience | | Chaos engineering β’ Security resilience β’ Credential spraying β’ Auth testing Learn More |
| Credential Rotation Enforcer Track and enforce credential rotation policies | | Credential hygiene β’ Secret rotation β’ Compliance dashboards β’ API integration Learn More |
| Race Condition Exploiter TOCTOU race condition attack & defense lab | | TOCTOU attacks β’ Double-spend bugs β’ Concurrent exploitation β’ Race visualization Learn More |
| Self-Hosted Shodan Clone Internet-connected device search engine | | Service fingerprinting β’ Network scanning β’ OSINT β’ Search engine design Learn More |
| JA3/JA4 TLS Fingerprinting Tool Fingerprint TLS clients by handshake | | TLS handshake analysis β’ JA3/JA4 hashing β’ Bot detection β’ Malware C2 identification Learn More |
| Mobile App Security Analyzer Decompile and analyze mobile apps | | APK/IPA analysis β’ Reverse engineering β’ OWASP Mobile Learn More |
| DLP Scanner Data Loss Prevention for files, DBs, and traffic | | PII detection β’ GDPR/HIPAA compliance β’ Pattern matching β’ Data classification Learn More |
| Lua/Nginx Edge Backend Full CRUD backend via Lua in Nginx |   | Edge computing β’ OpenResty β’ Lua scripting β’ WAF β’ JWT at the edge Learn More |
| Privesc Playground 20+ privilege escalation paths to exploit | | SUID exploitation β’ Sudo abuse β’ Cron hijacking β’ GTFOBins β’ Capability abuse Learn More |
| SBOM Generator & Vulnerability Matcher Software Bill of Materials with CVE matching | | SPDX/CycloneDX formats β’ Dependency analysis β’ CVE databases β’ EO 14028 compliance Learn More |
| Subdomain Takeover Scanner Detect dangling DNS records | | DNS enumeration β’ CNAME analysis β’ Cloud resource claiming β’ Bug bounty Learn More |
| GraphQL Security Tester Automated GraphQL vulnerability testing | | Introspection attacks β’ Query depth DoS β’ Authorization bypass β’ Batching abuse Learn More |
| Docker Security Audit CIS Docker Benchmark scanner | | CIS benchmarks β’ Container security β’ Multiple output formats Source Code | Docs |
| Project | Info | What You'll Learn |
|---|---|---|
| API Rate Limiter Distributed rate limiting middleware |    | Token bucket algorithm β’ Distributed systems β’ Redis backend Source Code | Docs |
| Encrypted Chat Application Real-time E2EE messaging |    | Signal Protocol β’ Double Ratchet β’ WebAuthn β’ WebSockets Source Code | Docs |
| Exploit Development Framework Modular exploitation framework |  | Exploit development β’ Payload generation β’ Plugin architecture Learn More |
| AI Threat Detection ML-powered nginx threat detection |  | ML ensemble (AE + RF + IF) β’ ONNX inference β’ Real-time detection Source Code |
| Bug Bounty Platform Full vulnerability disclosure platform |  | Full-stack development β’ CVSS scoring β’ Workflow automation Source Code | Docs |
| Cloud Security Compliance Dashboard Multi-cloud compliance with CIS, SOC2, HIPAA |  | CIS benchmarks β’ SOC2/HIPAA compliance β’ Cost-security optimization β’ Drift detection Learn More |
| Malware Analysis Platform Automated sandbox analysis | | Malware analysis β’ Sandboxing β’ YARA rules β’ IOC extraction Learn More |
| Quantum Resistant Encryption Post-quantum cryptography | | Post-quantum algorithms β’ Hybrid encryption β’ Kyber/Dilithium Learn More |
| Zero Day Vulnerability Scanner Coverage-guided fuzzing | | Fuzzing β’ Vulnerability research β’ Crash triage Learn More |
| Distributed Password Cracker GPU-accelerated cracking |  | Distributed systems β’ GPU computing β’ Hash cracking Learn More |
| Kernel Rootkit Detection Detect kernel-level rootkits | | Kernel internals β’ Memory forensics β’ Rootkit detection Learn More |
| Blockchain Smart Contract Auditor Solidity vulnerability analysis |  | Smart contracts β’ Static analysis β’ Solidity security Learn More |
| Adversarial ML Attacker Generate adversarial examples |  | Adversarial ML β’ FGSM/DeepFool β’ Model robustness Learn More |
| Advanced Persistent Threat Simulator Multi-stage APT simulation | | APT techniques β’ C2 infrastructure β’ Lateral movement Learn More |
| Hardware Security Module Emulator Software HSM with PKCS#11 | | HSM concepts β’ PKCS#11 interface β’ Cryptographic operations Learn More |
| Network Covert Channel Data exfiltration techniques | | Covert channels β’ Data exfiltration β’ Steganography Learn More |
| Automated Penetration Testing Full pentest automation | | Pentest automation β’ Recon to exploitation β’ Report generation Learn More |
| Haskell Reverse Proxy Functional reverse proxy with security middleware |  | Functional programming β’ Reverse proxy design β’ Security middleware β’ Haskell Source Code |
| "Monitor the Situation" Dashboard Real-time cyber threat situational awareness | | Threat intelligence β’ CVE tracking β’ MITRE ATT&CK β’ OSINT β’ Real-time dashboards Learn More |
| Honeypot Network Multi-service honeypot deployment & analysis | | Honeypot deployment β’ Attacker behavior analysis β’ IOC extraction β’ MITRE mapping Learn More |
| Supply Chain Security Analyzer Dependency vulnerability analysis | | Supply chain security β’ Dependency analysis β’ Malicious packages Learn More |
Certification Roadmaps - Career paths for SOC Analyst, Pentester, Security Engineer, GRC Analyst, and 6 more tracks
Learning Resources - Tools, courses, certifications, YouTube channels, Reddit communities, and security frameworks
AGPL 3.0
![@dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=64&v=4){kind=small}
![@qodo-code-review[bot]](https://avatars.githubusercontent.com/in/484649?s=64&v=4){kind=small}