Build Your Keylogger (For Ethical Purposes Only) : Demonstrate the way keyloggers work, especially for mild cases, by creating a harmless version of a keylogger. You will gain more insight into how to intrude into systems and what countermeasures may be applicable to thwart an event based on your learning experience.  

Virtual Machines (Your Home Lab) : This exercise will help you understand how to simulate attacks and defenses within a virtual lab using Kali Linux, Metasploitable, & pfSense (Application Firewalls).VMware Workstation is a well-known option for Windows machines that provides advanced features and solid performance.

Use Python to Write a Vulnerability Scanner : Develop a vulnerability scanner that checks for open ports, outdated software, & weak configurations across a network. Responsibly using vulnerability scanners – on systems or networks for which you have documented authorization to scan – is vital. Unauthorized scanning could lead to an unwanted legal situation.

Password Cracker (Using Hashcat or John the Ripper) : Get a deeper dive into password security than ever before by cracking password hashes and learning about brute-force with per-dictionary attacks. Functions like building and using password crackers can be harmful and illegal (gaining unauthorized access to systems or accounts). I cannot provide anything that would allow you to do.

Simulated Phishing Awareness Training : Create fake phishing emails so your organization can use them to determine the current level of awareness training, and improve their phishing awareness training to be a little bit better every time you run a new test. According to IBM, these simulations involve sending simulated phishing communications. 

Create a 2FA Secure Login System : Show off your web security expertise by developing a login system that utilizes multifactor authentication using either Python or JavaScript!Popular authentication types for 2FA include SMS-based verification, authenticator apps that generate time-based one-time passwords (TOTP), email verification, hardware security keys, and biometric authentication.

Create an Intrusion Detection System with Snort or Suricata : Install and configure an IDS to detect and log malicious behavior on your network, just like the SOC analysts that are working with you in the real world. Establishing an Intrusion Detection System (IDS) is an essential mechanism for monitoring your network for malicious behavior and potential threats.

Join our WhatsApp Channel to get the latest news, exclusives and videos on WhatsApp