https://github.com/carterperez-dev/cybersecurity-projects
60 Cybersecurity Projects | Certification Roadmaps |Everything you need to build your cybersecurity portfolio
https://github.com/carterperez-dev/cybersecurity-projects
ai certification cloud-engineering cyber cybersecurity cybersecurity-analyst cybersecurity-certification cybersecurity-certifications cybersecurity-education cybersecurity-jobs cybersecurity-portfolio cybersecurity-projects cybersecurity-tools grc hacking learning pentesting project-repository projetcs python
Last synced: 24 days ago
JSON representation
60 Cybersecurity Projects | Certification Roadmaps |Everything you need to build your cybersecurity portfolio
- Host: GitHub
- URL: https://github.com/carterperez-dev/cybersecurity-projects
- Owner: CarterPerez-dev
- License: agpl-3.0
- Created: 2025-11-08T02:16:49.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2026-02-25T23:43:30.000Z (about 1 month ago)
- Last Synced: 2026-02-26T01:47:15.226Z (about 1 month ago)
- Topics: ai, certification, cloud-engineering, cyber, cybersecurity, cybersecurity-analyst, cybersecurity-certification, cybersecurity-certifications, cybersecurity-education, cybersecurity-jobs, cybersecurity-portfolio, cybersecurity-projects, cybersecurity-tools, grc, hacking, learning, pentesting, project-repository, projetcs, python
- Language: Python
- Homepage: https://certgames.com
- Size: 22 MB
- Stars: 976
- Watchers: 15
- Forks: 97
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Contributing: .github/CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: .github/CODE_OF_CONDUCT.md
- Security: .github/SECURITY.md
- Roadmap: ROADMAPS/APPLICATION-SECURITY.md
Awesome Lists containing this project
README
Cybersecurity Projects 🐉
60 Cybersecurity Projects, Certification Roadmaps & Resources
Made possible by CertGames
View Complete Projects:
Currently building: Hash Cracker
---
## Quick Navigation
### [Projects](#projects)
60 hands-on cybersecurity projects with full source code, from beginner to advanced level.
### [Certification Roadmaps](./ROADMAPS/README.md)
10 structured career paths with certification guides for SOC Analyst, Pentester, Security Engineer, and more.
### [Learning Resources](./RESOURCES/README.md)
Tools, courses, certifications, communities, and frameworks for cybersecurity professionals.
---
# Projects
## Beginner Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[Simple Port Scanner](./PROJECTS/beginner/simple-port-scanner)**
Async TCP port scanner in C++ [@deniskhud](https://github.com/deniskhud) |    | TCP socket programming • Async I/O patterns • Service detection
[Source Code](./PROJECTS/beginner/simple-port-scanner) \| [Docs](./PROJECTS/beginner/simple-port-scanner/learn) |
| **[Keylogger](./PROJECTS/beginner/keylogger)**
Capture keyboard events with timestamps |    | Event handling • File I/O • Ethical considerations
[Source Code](./PROJECTS/beginner/keylogger) \| [Docs](./PROJECTS/beginner/keylogger/learn) |
| **[Caesar Cipher](./PROJECTS/beginner/caesar-cipher)**
CLI encryption/decryption tool |    | Classical cryptography • Brute force attacks • CLI design
[Source Code](./PROJECTS/beginner/caesar-cipher) \| [Docs](./PROJECTS/beginner/caesar-cipher/learn) |
| **[DNS Lookup CLI Tool](./PROJECTS/beginner/dns-lookup)**
Query DNS records with WHOIS |    | DNS protocols • WHOIS queries • Reverse DNS lookup
[Source Code](./PROJECTS/beginner/dns-lookup) \| [Docs](./PROJECTS/beginner/dns-lookup/learn) |
| **[Simple Vulnerability Scanner](./PROJECTS/beginner/simple-vulnerability-scanner)**
Check software against CVE databases |    | CVE databases • Dependency scanning • Vulnerability assessment
[Source Code](./PROJECTS/beginner/simple-vulnerability-scanner) \| [Docs](./PROJECTS/beginner/simple-vulnerability-scanner/learn) |
| **[Metadata Scrubber Tool](./PROJECTS/beginner/metadata-scrubber-tool)**
Remove EXIF and privacy metadata [@Heritage-XioN](https://github.com/Heritage-XioN) |    | EXIF data • Privacy protection • Batch processing
[Source Code](./PROJECTS/beginner/metadata-scrubber-tool) \| [Docs](./PROJECTS/beginner/metadata-scrubber-tool/learn) |
| **[Network Traffic Analyzer](./PROJECTS/beginner/network-traffic-analyzer)**
Capture and analyze packets |     | Packet capture • Protocol analysis • Traffic visualization
[Source (C++)](./PROJECTS/beginner/network-traffic-analyzer/cpp) \| [Docs (C++)](./PROJECTS/beginner/network-traffic-analyzer/cpp/learn) \| [Source (Python)](./PROJECTS/beginner/network-traffic-analyzer/python) \| [Docs (Python)](./PROJECTS/beginner/network-traffic-analyzer/python/learn) |
| **[Hash Cracker](./SYNOPSES/beginner/Hash.Cracker.md)**
Dictionary and brute-force cracking |    | Hash algorithms • Dictionary attacks • Password security
[Learn More](./SYNOPSES/beginner/Hash.Cracker.md) |
| **[Steganography Tool](./SYNOPSES/beginner/Steganography.Tool.md)**
Hide messages in images |    | LSB steganography • Image manipulation • Data hiding
[Learn More](./SYNOPSES/beginner/Steganography.Tool.md) |
| **[MAC Address Spoofer](./SYNOPSES/beginner/MAC.Address.Spoofer.md)**
Change network interface MAC |    | Network interfaces • MAC addresses • Vendor lookup
[Learn More](./SYNOPSES/beginner/MAC.Address.Spoofer.md) |
| **[File Integrity Monitor](./SYNOPSES/beginner/File.Integrity.Monitor.md)**
Monitor directories with checksums |    | Cryptographic hashing • File monitoring • Alert systems
[Learn More](./SYNOPSES/beginner/File.Integrity.Monitor.md) |
| **[Security News Scraper](./SYNOPSES/beginner/Security.News.Scraper.md)**
Aggregate cybersecurity news |    | Web scraping • CVE parsing • Database storage
[Learn More](./SYNOPSES/beginner/Security.News.Scraper.md) |
| **[Phishing URL Detector](./SYNOPSES/beginner/Phishing.URL.Detector.md)**
Analyze URLs for phishing |    | URL analysis • Typosquatting detection • Safe browsing APIs
[Learn More](./SYNOPSES/beginner/Phishing.URL.Detector.md) |
| **[SSH Brute Force Detector](./SYNOPSES/beginner/SSH.Brute.Force.Detector.md)**
Monitor and block SSH attacks |    | Log parsing • Attack detection • Firewall automation
[Learn More](./SYNOPSES/beginner/SSH.Brute.Force.Detector.md) |
| **[Simple C2 Beacon](./PROJECTS/beginner/c2-beacon)**
Command and Control beacon/server |      | C2 architecture • MITRE ATT&CK • WebSocket protocol • XOR encoding
[Source Code](./PROJECTS/beginner/c2-beacon) \| [Docs](./PROJECTS/beginner/c2-beacon/learn) |
| **[Base64 Encoder/Decoder](./SYNOPSES/beginner/Base64.Encoder.Decoder.md)**
Multi-format encoding tool |    | Base64/32 encoding • URL encoding • Auto-detection
[Source Code](./PROJECTS/beginner/base64-tool) \| [Docs](./PROJECTS/beginner/base64-tool/learn) |
| **[Firewall Log Parser](./SYNOPSES/beginner/Firewall.Log.Parser.md)**
Parse and visualize logs |    | Log parsing • Pattern recognition • Data visualization
[Learn More](./SYNOPSES/beginner/Firewall.Log.Parser.md) |
| **[ARP Spoofing Detector](./SYNOPSES/beginner/ARP.Spoofing.Detector.md)**
Detect ARP attacks |    | ARP protocol • MAC tracking • MITM detection
[Learn More](./SYNOPSES/beginner/ARP.Spoofing.Detector.md) |
| **[Windows Registry Monitor](./SYNOPSES/beginner/Windows.Registry.Monitor.md)**
Track registry changes |    | Windows registry • Persistence detection • System monitoring
[Learn More](./SYNOPSES/beginner/Windows.Registry.Monitor.md) |
| **[Ransomware Simulator](./SYNOPSES/beginner/Ransomware.Simulator.md)**
Educational encryption demo |    | File encryption • Ransomware behavior • Ethical testing
[Learn More](./SYNOPSES/beginner/Ransomware.Simulator.md) |
## Intermediate Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[Reverse Shell Handler](./SYNOPSES/intermediate/Reverse.Shell.Handler.md)**
Multi-client shell server |    | Socket programming • Command execution • File transfer
[Learn More](./SYNOPSES/intermediate/Reverse.Shell.Handler.md) |
| **[SIEM Dashboard](./SYNOPSES/intermediate/SIEM.Dashboard.md)**
Log aggregation with correlation |     | SIEM concepts • Log correlation • Full-stack development
[Source Code](./PROJECTS/intermediate/siem-dashboard) \| [Docs](./PROJECTS/intermediate/siem-dashboard/learn) |
| **[Threat Intelligence Aggregator](./SYNOPSES/intermediate/Threat.Intelligence.Aggregator.md)**
Collect and enrich IOCs |    | Threat feeds • IOC enrichment • API integration
[Learn More](./SYNOPSES/intermediate/Threat.Intelligence.Aggregator.md) |
| **[OAuth Token Analyzer](./SYNOPSES/intermediate/OAuth.Token.Analyzer.md)**
Decode and validate JWT |    | JWT tokens • OAuth vulnerabilities • Signature validation
[Learn More](./SYNOPSES/intermediate/OAuth.Token.Analyzer.md) |
| **[Web Vulnerability Scanner](./SYNOPSES/intermediate/Web.Vulnerability.Scanner.md)**
Automated XSS, SQLi, CSRF testing |    | Web vulnerabilities • Async scanning • Plugin architecture
[Learn More](./SYNOPSES/intermediate/Web.Vulnerability.Scanner.md) |
| **[DDoS Mitigation Tool](./SYNOPSES/intermediate/DDoS.Mitigation.Tool.md)**
Detect traffic spikes |    | DDoS detection • Rate limiting • Anomaly detection
[Learn More](./SYNOPSES/intermediate/DDoS.Mitigation.Tool.md) |
| **[Secrets Scanner](./PROJECTS/intermediate/secrets-scanner)**
Scan codebases and git history for leaked secrets |    | Secret detection • Shannon entropy • HIBP k-anonymity • SARIF output
[Source Code](./PROJECTS/intermediate/secrets-scanner) \| [Docs](./PROJECTS/intermediate/secrets-scanner/learn) |
| **[API Security Scanner](./PROJECTS/intermediate/api-security-scanner)**
Enterprise API vulnerability scanner |      | OWASP API Top 10 • ML fuzzing • GraphQL/SOAP testing
[Source Code](./PROJECTS/intermediate/api-security-scanner) \| [Docs](./PROJECTS/intermediate/api-security-scanner/learn) |
| **[Wireless Deauth Detector](./SYNOPSES/intermediate/Wireless.Deauth.Detector.md)**
Monitor WiFi deauth attacks |    | Wireless security • Packet sniffing • Attack detection
[Learn More](./SYNOPSES/intermediate/Wireless.Deauth.Detector.md) |
| **[Active Directory Enumeration](./SYNOPSES/intermediate/Active.Directory.Enumeration.md)**
Enumerate AD infrastructure |    | LDAP queries • AD structure • Privilege analysis
[Learn More](./SYNOPSES/intermediate/Active.Directory.Enumeration.md) |
| **[Binary Analysis Tool](./SYNOPSES/intermediate/Binary.Analysis.Tool.md)**
Disassemble and analyze executables |    | Binary analysis • String extraction • Malware detection
[Learn More](./SYNOPSES/intermediate/Binary.Analysis.Tool.md) |
| **[Network Intrusion Prevention](./SYNOPSES/intermediate/Network.Intrusion.Prevention.md)**
Real-time packet inspection |    | IPS concepts • Snort rules • Firewall integration
[Learn More](./SYNOPSES/intermediate/Network.Intrusion.Prevention.md) |
| **[Password Policy Auditor](./SYNOPSES/intermediate/Password.Policy.Auditor.md)**
Audit password policies |    | Password security • Policy compliance • Weak password detection
[Learn More](./SYNOPSES/intermediate/Password.Policy.Auditor.md) |
| **[Cloud Asset Inventory](./SYNOPSES/intermediate/Cloud.Asset.Inventory.md)**
Discover cloud resources |     | Cloud APIs • Asset discovery • Cost tracking
[Learn More](./SYNOPSES/intermediate/Cloud.Asset.Inventory.md) |
| **[OSINT Reconnaissance Framework](./SYNOPSES/intermediate/OSINT.Reconnaissance.Framework.md)**
Aggregate public intelligence |    | OSINT techniques • Data aggregation • Target profiling
[Learn More](./SYNOPSES/intermediate/OSINT.Reconnaissance.Framework.md) |
| **[SSL/TLS Certificate Scanner](./SYNOPSES/intermediate/SSL.TLS.Certificate.Scanner.md)**
Scan for SSL misconfigurations |    | TLS/SSL protocols • Certificate validation • Cipher analysis
[Learn More](./SYNOPSES/intermediate/SSL.TLS.Certificate.Scanner.md) |
| **[Mobile App Security Analyzer](./SYNOPSES/intermediate/Mobile.App.Security.Analyzer.md)**
Decompile and analyze mobile apps |    | APK/IPA analysis • Reverse engineering • OWASP Mobile
[Learn More](./SYNOPSES/intermediate/Mobile.App.Security.Analyzer.md) |
| **[Backup Integrity Checker](./SYNOPSES/intermediate/Backup.Integrity.Checker.md)**
Verify backup integrity |    | Backup validation • Restoration testing • Checksum verification
[Learn More](./SYNOPSES/intermediate/Backup.Integrity.Checker.md) |
| **[Web Application Firewall](./SYNOPSES/intermediate/Web.Application.Firewall.md)**
Reverse proxy with filtering |    | WAF concepts • Request filtering • Attack blocking
[Learn More](./SYNOPSES/intermediate/Web.Application.Firewall.md) |
| **[Privilege Escalation Finder](./SYNOPSES/intermediate/Privilege.Escalation.Finder.md)**
Identify privilege escalation |    | Privilege escalation • SUID binaries • Weak permissions
[Learn More](./SYNOPSES/intermediate/Privilege.Escalation.Finder.md) |
| **[Network Baseline Monitor](./SYNOPSES/intermediate/Network.Baseline.Monitor.md)**
Monitor network behavior |    | Baseline analysis • Anomaly detection • Traffic patterns
[Learn More](./SYNOPSES/intermediate/Network.Baseline.Monitor.md) |
| **[Docker Security Audit](./PROJECTS/intermediate/docker-security-audit)**
CIS Docker Benchmark scanner |     | CIS benchmarks • Container security • Multiple output formats
[Source Code](./PROJECTS/intermediate/docker-security-audit) \| [Docs](./PROJECTS/intermediate/docker-security-audit/learn) |
## Advanced Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[API Rate Limiter](./PROJECTS/advanced/api-rate-limiter)**
Distributed rate limiting middleware |     | Token bucket algorithm • Distributed systems • Redis backend
[Source Code](./PROJECTS/advanced/api-rate-limiter) \| [Docs](./PROJECTS/advanced/api-rate-limiter/learn) |
| **[Encrypted Chat Application](./PROJECTS/advanced/encrypted-p2p-chat)**
Real-time E2EE messaging |      | Signal Protocol • Double Ratchet • WebAuthn • WebSockets
[Source Code](./PROJECTS/advanced/encrypted-p2p-chat) \| [Docs](./PROJECTS/advanced/encrypted-p2p-chat/learn) |
| **[Exploit Development Framework](./SYNOPSES/advanced/Exploit.Development.Framework.md)**
Modular exploitation framework |    | Exploit development • Payload generation • Plugin architecture
[Learn More](./SYNOPSES/advanced/Exploit.Development.Framework.md) |
| **[AI Threat Detection](./PROJECTS/advanced/ai-threat-detection)**
ML-powered nginx threat detection |      | ML ensemble (AE + RF + IF) • ONNX inference • Real-time detection
[Source Code](./PROJECTS/advanced/ai-threat-detection) |
| **[Bug Bounty Platform](./PROJECTS/advanced/bug-bounty-platform)**
Full vulnerability disclosure platform |      | Full-stack development • CVSS scoring • Workflow automation
[Source Code](./PROJECTS/advanced/bug-bounty-platform) \| [Docs](./PROJECTS/advanced/bug-bounty-platform/learn) |
| **[Cloud Security Posture Management](./SYNOPSES/advanced/Cloud.Security.Posture.Management.md)**
Multi-cloud misconfiguration scanner |      | Cloud security • CIS benchmarks • Multi-cloud APIs
[Learn More](./SYNOPSES/advanced/Cloud.Security.Posture.Management.md) |
| **[Malware Analysis Platform](./SYNOPSES/advanced/Malware.Analysis.Platform.md)**
Automated sandbox analysis |     | Malware analysis • Sandboxing • YARA rules • IOC extraction
[Learn More](./SYNOPSES/advanced/Malware.Analysis.Platform.md) |
| **[Quantum Resistant Encryption](./SYNOPSES/advanced/Quantum.Resistant.Encryption.md)**
Post-quantum cryptography |    | Post-quantum algorithms • Hybrid encryption • Kyber/Dilithium
[Learn More](./SYNOPSES/advanced/Quantum.Resistant.Encryption.md) |
| **[Zero Day Vulnerability Scanner](./SYNOPSES/advanced/Zero.Day.Vulnerability.Scanner.md)**
Coverage-guided fuzzing |     | Fuzzing • Vulnerability research • Crash triage
[Learn More](./SYNOPSES/advanced/Zero.Day.Vulnerability.Scanner.md) |
| **[Distributed Password Cracker](./SYNOPSES/advanced/Distributed.Password.Cracker.md)**
GPU-accelerated cracking |     | Distributed systems • GPU computing • Hash cracking
[Learn More](./SYNOPSES/advanced/Distributed.Password.Cracker.md) |
| **[Kernel Rootkit Detection](./SYNOPSES/advanced/Kernel.Rootkit.Detection.md)**
Detect kernel-level rootkits |    | Kernel internals • Memory forensics • Rootkit detection
[Learn More](./SYNOPSES/advanced/Kernel.Rootkit.Detection.md) |
| **[Blockchain Smart Contract Auditor](./SYNOPSES/advanced/Blockchain.Smart.Contract.Auditor.md)**
Solidity vulnerability analysis |     | Smart contracts • Static analysis • Solidity security
[Learn More](./SYNOPSES/advanced/Blockchain.Smart.Contract.Auditor.md) |
| **[Adversarial ML Attacker](./SYNOPSES/advanced/Adversarial.ML.Attacker.md)**
Generate adversarial examples |     | Adversarial ML • FGSM/DeepFool • Model robustness
[Learn More](./SYNOPSES/advanced/Adversarial.ML.Attacker.md) |
| **[Advanced Persistent Threat Simulator](./SYNOPSES/advanced/Advanced.Persistent.Threat.Simulator.md)**
Multi-stage APT simulation |    | APT techniques • C2 infrastructure • Lateral movement
[Learn More](./SYNOPSES/advanced/Advanced.Persistent.Threat.Simulator.md) |
| **[Hardware Security Module Emulator](./SYNOPSES/advanced/Hardware.Security.Module.Emulator.md)**
Software HSM with PKCS#11 |    | HSM concepts • PKCS#11 interface • Cryptographic operations
[Learn More](./SYNOPSES/advanced/Hardware.Security.Module.Emulator.md) |
| **[Network Covert Channel](./SYNOPSES/advanced/Network.Covert.Channel.md)**
Data exfiltration techniques |    | Covert channels • Data exfiltration • Steganography
[Learn More](./SYNOPSES/advanced/Network.Covert.Channel.md) |
| **[Automated Penetration Testing](./SYNOPSES/advanced/Automated.Penetration.Testing.md)**
Full pentest automation |    | Pentest automation • Recon to exploitation • Report generation
[Learn More](./SYNOPSES/advanced/Automated.Penetration.Testing.md) |
| **[Supply Chain Security Analyzer](./SYNOPSES/advanced/Supply.Chain.Security.Analyzer.md)**
Dependency vulnerability analysis |    | Supply chain security • Dependency analysis • Malicious packages
[Learn More](./SYNOPSES/advanced/Supply.Chain.Security.Analyzer.md) |
---
## Learn More
**[Certification Roadmaps](./ROADMAPS/README.md)** - Career paths for SOC Analyst, Pentester, Security Engineer, GRC Analyst, and 6 more tracks
**[Learning Resources](./RESOURCES/README.md)** - Tools, courses, certifications, YouTube channels, Reddit communities, and security frameworks
## License
AGPL 3.0