Cybersecurity Projects 🐉
70 Cybersecurity Projects, Certification Roadmaps & Resources
Made possible by CertGames
View Complete Projects:
Currently building: DDoS Mitigation Tool
---
## Quick Navigation
### [Projects](#projects)
Hands-on cybersecurity projects with full source code, organized in four tiers — **Foundations** (pre-beginner, first-time programmers), **Beginner**, **Intermediate**, and **Advanced**.
### [Certification Roadmaps](./ROADMAPS/README.md)
10 structured career paths with certification guides for SOC Analyst, Pentester, Security Engineer, and more.
### [Learning Resources](./RESOURCES/README.md)
Tools, courses, certifications, communities, and frameworks for cybersecurity professionals.
---
# Projects
---
> [!TIP]
> **Want to be walked through building these instead of reading finished source?** [CertGames](https://certgames.com) has guided project courses that build real security tools from scratch, step by step, with the concepts explained as you go. Same projects, less getting stuck. FREE
## Foundations Projects
> [!NOTE]
> **Start here if this is your first time coding.** The Foundations tier is *pre-beginner* — built for someone who has never written Python, has barely used a terminal, and is new to cybersecurity. Source files are heavily commented as a teaching aid, and every `learn/` folder explains concepts from zero. Once you're comfortable here, the Beginner projects assume you already know the language and move faster.
>
> **What makes Foundations different:**
> - **Single-file projects** — the entire tool lives in one readable Python file. No file-hopping.
> - **Heavy teaching comments** — every line that introduces a new concept is annotated inline.
> - **Numpy-style docstrings on every function** — what it does, why it exists, every parameter.
> - **Extra-deep `learn/` folders** — Python features and security concepts both explained from zero.
> - **Senior-level code, beginner-level explanations** — the code itself is still production-quality.
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[Hash Identifier](./PROJECTS/foundations/hash-identifier)**
Identify hash types by prefix, length, and charset |     | Hash families (MD5, SHA, bcrypt, Argon2) • PHC string format • Pattern matching • Pure-function design
[Source Code](./PROJECTS/foundations/hash-identifier) \| [Docs](./PROJECTS/foundations/hash-identifier/learn) |
| **[HTTP Headers Scanner](./PROJECTS/foundations/http-headers-scanner)**
Audit a URL's response headers for missing or weak security controls |     | HTTP fundamentals • Security headers (CSP, HSTS, X-Frame-Options) • httpx requests • Scored audits
[Source Code](./PROJECTS/foundations/http-headers-scanner) \| [Docs](./PROJECTS/foundations/http-headers-scanner/learn) |
| **[Password Manager](./PROJECTS/foundations/password-manager)**
Encrypted local vault with master password unlock |     | Argon2id key derivation • AES-GCM authenticated encryption • Secure on-disk vaults • Master-password workflows
[Source Code](./PROJECTS/foundations/password-manager) \| [Docs](./PROJECTS/foundations/password-manager/learn) |
---
## Beginner Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[Simple Port Scanner](./PROJECTS/beginner/simple-port-scanner)**
Async TCP port scanner in C++ [@deniskhud](https://github.com/deniskhud) |    | TCP socket programming • Async I/O patterns • Service detection
[Source Code](./PROJECTS/beginner/simple-port-scanner) \| [Docs](./PROJECTS/beginner/simple-port-scanner/learn) |
| **[Keylogger](./PROJECTS/beginner/keylogger)**
Capture keyboard events with timestamps |    | Event handling • File I/O • Ethical considerations
[Source Code](./PROJECTS/beginner/keylogger) \| [Docs](./PROJECTS/beginner/keylogger/learn) |
| **[Caesar Cipher](./PROJECTS/beginner/caesar-cipher)**
CLI encryption/decryption tool |    | Classical cryptography • Brute force attacks • CLI design
[Source Code](./PROJECTS/beginner/caesar-cipher) \| [Docs](./PROJECTS/beginner/caesar-cipher/learn) |
| **[DNS Lookup CLI Tool](./PROJECTS/beginner/dns-lookup)**
Query DNS records with WHOIS |    | DNS protocols • WHOIS queries • Reverse DNS lookup
[Source Code](./PROJECTS/beginner/dns-lookup) \| [Docs](./PROJECTS/beginner/dns-lookup/learn) |
| **[Simple Vulnerability Scanner](./PROJECTS/beginner/simple-vulnerability-scanner)**
Check software against CVE databases |    | CVE databases • Dependency scanning • Vulnerability assessment
[Source Code](./PROJECTS/beginner/simple-vulnerability-scanner) \| [Docs](./PROJECTS/beginner/simple-vulnerability-scanner/learn) |
| **[Metadata Scrubber Tool](./PROJECTS/beginner/metadata-scrubber-tool)**
Remove EXIF and privacy metadata [@Heritage-XioN](https://github.com/Heritage-XioN) |    | EXIF data • Privacy protection • Batch processing
[Source Code](./PROJECTS/beginner/metadata-scrubber-tool) \| [Docs](./PROJECTS/beginner/metadata-scrubber-tool/learn) |
| **[Network Traffic Analyzer](./PROJECTS/beginner/network-traffic-analyzer)**
Capture and analyze packets |     | Packet capture • Protocol analysis • Traffic visualization
[Source (C++)](./PROJECTS/beginner/network-traffic-analyzer/cpp) \| [Docs (C++)](./PROJECTS/beginner/network-traffic-analyzer/cpp/learn) \| [Source (Python)](./PROJECTS/beginner/network-traffic-analyzer/python) \| [Docs (Python)](./PROJECTS/beginner/network-traffic-analyzer/python/learn) |
| **[Hash Cracker](./PROJECTS/beginner/hash-cracker)**
Dictionary and brute-force cracking |    | Hash algorithms • Dictionary attacks • Password security
[Source Code](./PROJECTS/beginner/hash-cracker) \| [Docs](./PROJECTS/beginner/hash-cracker/learn) |
| **[Steganography Multi-Tool](./SYNOPSES/beginner/Steganography.Multi.Tool.md)**
Hide data in images, audio, QR, PDFs, text |    | Multi-format steganography • Encrypted AEAD envelope • Zero-width Unicode • Audio LSB • QR Reed-Solomon injection
[Source Code](./PROJECTS/beginner/steganography-multi-tool) \| [Docs](./PROJECTS/beginner/steganography-multi-tool/learn) |
| **[Ghost on the Wire](./SYNOPSES/beginner/Ghost.On.The.Wire.md)**
L2 attack & defense: MAC spoofing + ARP detection |    | ARP protocol • MAC spoofing • MITM detection • L2 trust mapping
[Learn More](./SYNOPSES/beginner/Ghost.On.The.Wire.md) |
| **[Canary Token Generator](./PROJECTS/beginner/canary-token-generator)**
Self-hosted honeytokens that alert on access |      | Deception defense • Honeytokens • MySQL wire protocol • PDF/DOCX patching • Webhook + Telegram alerting
[Source Code](./PROJECTS/beginner/canary-token-generator) \| [Docs](./PROJECTS/beginner/canary-token-generator/learn)
[](https://iglowinthedark.com/) |
| **[Phishing Domain Generator & Quishing Scanner](./SYNOPSES/beginner/Phishing.Domain.Generator.And.Quishing.Scanner.md)**
Typosquat generation + QR phishing detection |    | Homoglyph attacks • Typosquatting • QR code analysis • Domain intelligence
[Learn More](./SYNOPSES/beginner/Phishing.Domain.Generator.And.Quishing.Scanner.md) |
| **[SSH Brute Force Detector](./SYNOPSES/beginner/SSH.Brute.Force.Detector.md)**
Monitor and block SSH attacks |    | Log parsing • Attack detection • Firewall automation
[Learn More](./SYNOPSES/beginner/SSH.Brute.Force.Detector.md) |
| **[Simple C2 Beacon](./PROJECTS/beginner/c2-beacon)**
Command and Control beacon/server |      | C2 architecture • MITRE ATT&CK • WebSocket protocol • XOR encoding
[Source Code](./PROJECTS/beginner/c2-beacon) \| [Docs](./PROJECTS/beginner/c2-beacon/learn) |
| **[Base64 Encoder/Decoder](./SYNOPSES/beginner/Base64.Encoder.Decoder.md)**
Multi-format encoding tool |    | Base64/32 encoding • URL encoding • Auto-detection
[Source Code](./PROJECTS/beginner/base64-tool) \| [Docs](./PROJECTS/beginner/base64-tool/learn) |
| **[Linux CIS Hardening Auditor](./PROJECTS/beginner/linux-cis-hardening-auditor)**
CIS benchmark compliance checker |    | CIS benchmarks • System hardening • Compliance scoring • Shell scripting
[Source Code](./PROJECTS/beginner/linux-cis-hardening-auditor) \| [Docs](./PROJECTS/beginner/linux-cis-hardening-auditor/learn) |
| **[Systemd Persistence Scanner](./PROJECTS/beginner/systemd-persistence-scanner)**
Hunt Linux persistence mechanisms |    | Persistence techniques • Systemd internals • Cron analysis • Threat hunting
[Source Code](./PROJECTS/beginner/systemd-persistence-scanner) \| [Docs](./PROJECTS/beginner/systemd-persistence-scanner/learn) |
| **[Linux eBPF Security Tracer](./PROJECTS/beginner/linux-ebpf-security-tracer)**
Real-time syscall tracing with eBPF |     | eBPF programs • Syscall tracing • BCC framework • Security observability
[Source Code](./PROJECTS/beginner/linux-ebpf-security-tracer) \| [Docs](./PROJECTS/beginner/linux-ebpf-security-tracer/learn) |
| **[Trojan Application Builder](./SYNOPSES/beginner/Trojan.Application.Builder.md)**
Educational malware lifecycle demo |    | Trojan anatomy • Data exfiltration • File encryption • Attack lifecycle
[Learn More](./SYNOPSES/beginner/Trojan.Application.Builder.md) |
| **[DNS Sinkhole](./SYNOPSES/beginner/DNS.Sinkhole.md)**
Pi-hole-style malware domain blocker |    | DNS protocol • Blocklist management • Query logging • Network defense
[Learn More](./SYNOPSES/beginner/DNS.Sinkhole.md) |
| **[Firewall Rule Engine](./PROJECTS/beginner/firewall-rule-engine)**
Parse and validate iptables/nftables rules |    | Firewall internals • Rule parsing • iptables/nftables • V language
[Source Code](./PROJECTS/beginner/firewall-rule-engine) \| [Docs](./PROJECTS/beginner/firewall-rule-engine/learn) |
| **[LLM Prompt Injection Firewall](./SYNOPSES/beginner/LLM.Prompt.Injection.Firewall.md)**
Detect and block prompt injection attacks |    | AI security • Prompt injection • Input sanitization • LLM defense
[Learn More](./SYNOPSES/beginner/LLM.Prompt.Injection.Firewall.md) |
## Intermediate Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[Security News Scraper](./SYNOPSES/beginner/Security.News.Scraper.md)**
Aggregate cybersecurity news |    | Web scraping • CVE parsing • Database storage
[Source Code](./PROJECTS/intermediate/security-news-scraper) \| [Docs](./PROJECTS/intermediate/security-news-scraper/learn) |
| **[Payload Obfuscation Engine](./SYNOPSES/intermediate/Payload.Obfuscation.Engine.md)**
Multi-layer payload obfuscation toolkit |    | Obfuscation techniques • Polymorphism • AV evasion • Signature detection
[Learn More](./SYNOPSES/intermediate/Payload.Obfuscation.Engine.md) |
| **[SIEM Dashboard](./SYNOPSES/intermediate/SIEM.Dashboard.md)**
Log aggregation with correlation |     | SIEM concepts • Log correlation • Full-stack development
[Source Code](./PROJECTS/intermediate/siem-dashboard) \| [Docs](./PROJECTS/intermediate/siem-dashboard/learn)
[](https://siem.carterperez-dev.com/) |
| **[Token Abuse Playground](./SYNOPSES/intermediate/Token.Abuse.Playground.md)**
15+ token vulnerabilities to exploit and fix |     | JWT exploitation • OAuth attacks • Session security • Token forensics
[Learn More](./SYNOPSES/intermediate/Token.Abuse.Playground.md) |
| **[Supply Chain Attack Simulator](./SYNOPSES/intermediate/Supply.Chain.Attack.Simulator.md)**
Fake PyPI package dependency confusion demo |    | Supply chain attacks • Dependency confusion • Package security • PyPI internals
[Learn More](./SYNOPSES/intermediate/Supply.Chain.Attack.Simulator.md) |
| **[DDoS Mitigation Tool](./SYNOPSES/intermediate/DDoS.Mitigation.Tool.md)**
Detect traffic spikes |    | DDoS detection • Rate limiting • Anomaly detection
[Learn More](./SYNOPSES/intermediate/DDoS.Mitigation.Tool.md) |
| **[Secrets Scanner](./PROJECTS/intermediate/secrets-scanner)**
Scan codebases and git history for leaked secrets |    | Secret detection • Shannon entropy • HIBP k-anonymity • SARIF output
[Source Code](./PROJECTS/intermediate/secrets-scanner) \| [Docs](./PROJECTS/intermediate/secrets-scanner/learn) |
| **[API Security Scanner](./PROJECTS/intermediate/api-security-scanner)**
Enterprise API vulnerability scanner |      | OWASP API Top 10 • ML fuzzing • GraphQL/SOAP testing
[Source Code](./PROJECTS/intermediate/api-security-scanner) \| [Docs](./PROJECTS/intermediate/api-security-scanner/learn) |
| **[Wireless Deauth Detector](./SYNOPSES/intermediate/Wireless.Deauth.Detector.md)**
Monitor WiFi deauth attacks |    | Wireless security • Packet sniffing • Attack detection
[Learn More](./SYNOPSES/intermediate/Wireless.Deauth.Detector.md) |
| **[Credential Enumeration](./PROJECTS/intermediate/credential-enumeration)**
Post-exploitation credential collection |    | Credential extraction • Browser forensics • Red team tooling • Nim language
[Source Code](./PROJECTS/intermediate/credential-enumeration) \| [Docs](./PROJECTS/intermediate/credential-enumeration/learn) |
| **[Binary Analysis Tool](./PROJECTS/intermediate/binary-analysis-tool)**
Disassemble and analyze executables |    | Binary analysis • String extraction • Malware detection
[Source Code](./PROJECTS/intermediate/binary-analysis-tool) \| [Docs](./PROJECTS/intermediate/binary-analysis-tool/learn)
[](https://elitenetwork4life.com/) |
| **[Chaos Engineering Security Tool](./SYNOPSES/intermediate/Chaos.Engineering.Security.Tool.md)**
Inject security failures to test resilience |    | Chaos engineering • Security resilience • Credential spraying • Auth testing
[Learn More](./SYNOPSES/intermediate/Chaos.Engineering.Security.Tool.md) |
| **[Credential Rotation Enforcer](./SYNOPSES/intermediate/Credential.Rotation.Enforcer.md)**
Track and enforce credential rotation policies |    | Credential hygiene • Secret rotation • Compliance dashboards • API integration
[Source Code](./PROJECTS/intermediate/credential-rotation-enforcer) \| [Docs](./PROJECTS/intermediate/credential-rotation-enforcer/learn) |
| **[Race Condition Exploiter](./SYNOPSES/intermediate/Race.Condition.Exploiter.md)**
TOCTOU race condition attack & defense lab |     | TOCTOU attacks • Double-spend bugs • Concurrent exploitation • Race visualization
[Learn More](./SYNOPSES/intermediate/Race.Condition.Exploiter.md) |
| **[JA3/JA4 TLS Fingerprinting Tool](./SYNOPSES/intermediate/JA3.JA4.TLS.Fingerprinting.Tool.md)**
Fingerprint TLS clients by handshake |    | TLS handshake analysis • JA3/JA4 hashing • Bot detection • Malware C2 identification
[Source Code](./PROJECTS/intermediate/ja3-ja4-tls-fingerprinting) \| [Docs](./PROJECTS/intermediate/ja3-ja4-tls-fingerprinting/learn)
[](https://mkultraalumni.com/) |
| **[Mobile App Security Analyzer](./SYNOPSES/intermediate/Mobile.App.Security.Analyzer.md)**
Decompile and analyze mobile apps |    | APK/IPA analysis • Reverse engineering • OWASP Mobile
[Learn More](./SYNOPSES/intermediate/Mobile.App.Security.Analyzer.md) |
| **[DLP Scanner](./PROJECTS/intermediate/dlp-scanner)**
Data Loss Prevention for files, DBs, and traffic |    | PII detection • GDPR/HIPAA compliance • Pattern matching • Data classification
[Source Code](./PROJECTS/intermediate/dlp-scanner) \| [Docs](./PROJECTS/intermediate/dlp-scanner/learn) |
| **[Lua/Nginx Edge Backend](./SYNOPSES/intermediate/Lua.Nginx.Edge.Backend.md)**
Full CRUD backend via Lua in Nginx |     | Edge computing • OpenResty • Lua scripting • WAF • JWT at the edge
[Learn More](./SYNOPSES/intermediate/Lua.Nginx.Edge.Backend.md) |
| **[Privesc Playground](./SYNOPSES/intermediate/Privesc.Playground.md)**
20+ privilege escalation paths to exploit |    | SUID exploitation • Sudo abuse • Cron hijacking • GTFOBins • Capability abuse
[Learn More](./SYNOPSES/intermediate/Privesc.Playground.md) |
| **[SBOM Generator & Vulnerability Matcher](./PROJECTS/intermediate/sbom-generator-vulnerability-matcher)**
Software Bill of Materials with CVE matching |    | SPDX/CycloneDX formats • Dependency analysis • CVE databases • EO 14028 compliance
[Source Code](./PROJECTS/intermediate/sbom-generator-vulnerability-matcher) \| [Docs](./PROJECTS/intermediate/sbom-generator-vulnerability-matcher/learn) |
| **[Subdomain Takeover Scanner](./SYNOPSES/intermediate/Subdomain.Takeover.Scanner.md)**
Detect dangling DNS records |    | DNS enumeration • CNAME analysis • Cloud resource claiming • Bug bounty
[Learn More](./SYNOPSES/intermediate/Subdomain.Takeover.Scanner.md) |
| **[GraphQL Security Tester](./SYNOPSES/intermediate/GraphQL.Security.Tester.md)**
Automated GraphQL vulnerability testing |    | Introspection attacks • Query depth DoS • Authorization bypass • Batching abuse
[Learn More](./SYNOPSES/intermediate/GraphQL.Security.Tester.md) |
| **[Docker Security Audit](./PROJECTS/intermediate/docker-security-audit)**
CIS Docker Benchmark scanner |     | CIS benchmarks • Container security • Multiple output formats
[Source Code](./PROJECTS/intermediate/docker-security-audit) \| [Docs](./PROJECTS/intermediate/docker-security-audit/learn) |
## Advanced Projects
| Project | Info | What You'll Learn |
|---------|------|-------------------|
| **[API Rate Limiter](./PROJECTS/advanced/api-rate-limiter)**
Distributed rate limiting middleware |     | Token bucket algorithm • Distributed systems • Redis backend
[Source Code](./PROJECTS/advanced/api-rate-limiter) \| [Docs](./PROJECTS/advanced/api-rate-limiter/learn) |
| **[Encrypted Chat Application](./PROJECTS/advanced/encrypted-p2p-chat)**
Real-time E2EE messaging |      | Signal Protocol • Double Ratchet • WebAuthn • WebSockets
[Source Code](./PROJECTS/advanced/encrypted-p2p-chat) \| [Docs](./PROJECTS/advanced/encrypted-p2p-chat/learn) |
| **[Exploit Development Framework](./SYNOPSES/advanced/Exploit.Development.Framework.md)**
Modular exploitation framework |    | Exploit development • Payload generation • Plugin architecture
[Learn More](./SYNOPSES/advanced/Exploit.Development.Framework.md) |
| **[AI Threat Detection](./PROJECTS/advanced/ai-threat-detection)**
ML-powered nginx threat detection |      | ML ensemble (AE + RF + IF) • ONNX inference • Real-time detection
[Source Code](./PROJECTS/advanced/ai-threat-detection) \| [Docs](./PROJECTS/advanced/ai-threat-detection/learn) |
| **[Zingela Stateless Scanner](./PROJECTS/advanced/zig-stateless-scanner)**
Line-rate stateless mass TCP/UDP port scanner |    | Stateless SYN scanning • SipHash cookies • Cyclic-group permutation • AF_PACKET / AF_XDP
[Source Code](./PROJECTS/advanced/zig-stateless-scanner) \| [Docs](./PROJECTS/advanced/zig-stateless-scanner/learn) |
| **[Bug Bounty Platform](./PROJECTS/advanced/bug-bounty-platform)**
Full vulnerability disclosure platform |      | Full-stack development • CVSS scoring • Workflow automation
[Source Code](./PROJECTS/advanced/bug-bounty-platform) \| [Docs](./PROJECTS/advanced/bug-bounty-platform/learn)
[](https://bugbounty.carterperez-dev.com/) |
| **[Cloud Security Compliance Dashboard](./SYNOPSES/advanced/Cloud.Security.Compliance.Dashboard.md)**
Multi-cloud compliance with CIS, SOC2, HIPAA |      | CIS benchmarks • SOC2/HIPAA compliance • Cost-security optimization • Drift detection
[Learn More](./SYNOPSES/advanced/Cloud.Security.Compliance.Dashboard.md) |
| **[Malware Analysis Platform](./SYNOPSES/advanced/Malware.Analysis.Platform.md)**
Automated sandbox analysis |     | Malware analysis • Sandboxing • YARA rules • IOC extraction
[Learn More](./SYNOPSES/advanced/Malware.Analysis.Platform.md) |
| **[Quantum Resistant Encryption](./SYNOPSES/advanced/Quantum.Resistant.Encryption.md)**
Post-quantum cryptography |    | Post-quantum algorithms • Hybrid encryption • Kyber/Dilithium
[Learn More](./SYNOPSES/advanced/Quantum.Resistant.Encryption.md) |
| **[Zero Day Vulnerability Scanner](./SYNOPSES/advanced/Zero.Day.Vulnerability.Scanner.md)**
Coverage-guided fuzzing |     | Fuzzing • Vulnerability research • Crash triage
[Learn More](./SYNOPSES/advanced/Zero.Day.Vulnerability.Scanner.md) |
| **[Distributed Password Cracker](./SYNOPSES/advanced/Distributed.Password.Cracker.md)**
GPU-accelerated cracking |     | Distributed systems • GPU computing • Hash cracking
[Learn More](./SYNOPSES/advanced/Distributed.Password.Cracker.md) |
| **[Kernel Rootkit Detection](./SYNOPSES/advanced/Kernel.Rootkit.Detection.md)**
Detect kernel-level rootkits |    | Kernel internals • Memory forensics • Rootkit detection
[Learn More](./SYNOPSES/advanced/Kernel.Rootkit.Detection.md) |
| **[Blockchain Smart Contract Auditor](./SYNOPSES/advanced/Blockchain.Smart.Contract.Auditor.md)**
Solidity vulnerability analysis |     | Smart contracts • Static analysis • Solidity security
[Learn More](./SYNOPSES/advanced/Blockchain.Smart.Contract.Auditor.md) |
| **[Adversarial ML Attacker](./SYNOPSES/advanced/Adversarial.ML.Attacker.md)**
Generate adversarial examples |     | Adversarial ML • FGSM/DeepFool • Model robustness
[Learn More](./SYNOPSES/advanced/Adversarial.ML.Attacker.md) |
| **[Reverse-Engineering](./PROJECTS/advanced/rveng)**
Reverse-engineering learning platform. |    | Reverse Engineering • Disassembly • Dynamic & Static Analysis
[Source Code](./PROJECTS/advanced/rveng) \| [Docs](./PROJECTS/advanced/rveng/learn)
| **[Hardware Security Module Emulator](./PROJECTS/advanced/hsm-emulator)**
Software HSM that compiles to a real PKCS#11 `.so` |    | PKCS#11/Cryptoki C ABI (machine-checked vs OASIS headers) • AES-GCM/CBC • RSA/ECDSA/ECDH • Argon2id + encrypted-at-rest • driven by `pkcs11-tool`
[Source Code](./PROJECTS/advanced/hsm-emulator) \| [Docs](./PROJECTS/advanced/hsm-emulator/learn) |
| **[Network Covert Channel](./SYNOPSES/advanced/Network.Covert.Channel.md)**
Data exfiltration techniques |    | Covert channels • Data exfiltration • Steganography
[Learn More](./SYNOPSES/advanced/Network.Covert.Channel.md) |
| **[Automated Penetration Testing](./SYNOPSES/advanced/Automated.Penetration.Testing.md)**
Full pentest automation |    | Pentest automation • Recon to exploitation • Report generation
[Learn More](./SYNOPSES/advanced/Automated.Penetration.Testing.md) |
| **[Haskell Reverse Proxy](./PROJECTS/advanced/haskell-reverse-proxy)**
Functional reverse proxy with security middleware |    | Functional programming • Reverse proxy design • Security middleware • Haskell
[Source Code](./PROJECTS/advanced/haskell-reverse-proxy) |
| **["Monitor the Situation" Dashboard](./PROJECTS/advanced/monitor-the-situation-dashboard)**
Real-time cyber threat situational awareness |      | Threat intel feeds • EPSS/KEV/CVE velocity • BGP hijacks • WebSocket fan-out • 3D globe SOC view
[Source Code](./PROJECTS/advanced/monitor-the-situation-dashboard) \| [Docs](./PROJECTS/advanced/monitor-the-situation-dashboard/learn)
[](https://iminthewalls.com/) |
| **[Honeypot Network](./PROJECTS/advanced/honeypot-network)**
Multi-service honeypot deployment & analysis |      | Honeypot deployment • Attacker behavior analysis • IOC extraction • MITRE mapping
[Source Code](./PROJECTS/advanced/honeypot-network) \| [Docs](./PROJECTS/advanced/honeypot-network/learn)
[](https://honeypot-network.carterperez-dev.com/) |
| **[Supply Chain Security Analyzer](./SYNOPSES/advanced/Supply.Chain.Security.Analyzer.md)**
Dependency vulnerability analysis |    | Supply chain security • Dependency analysis • Malicious packages
[Learn More](./SYNOPSES/advanced/Supply.Chain.Security.Analyzer.md) |
---
## Learn More
**[Certification Roadmaps](./ROADMAPS/README.md)** - Career paths for SOC Analyst, Pentester, Security Engineer, GRC Analyst, and 6 more tracks
**[Learning Resources](./RESOURCES/README.md)** - Tools, courses, certifications, YouTube channels, Reddit communities, and security frameworks
**[CertGames](https://certgames.com)** - The platform I built to do all of this in one place: practice questions, Learn lessons, guided projects, and these roadmaps with progress tracking. FREE
## License
[AGPL 3.0](LICENSE).