Free Projects to Learn Cybersecurity

Lots of tech and non-tech people alike are wondering how they can break into the field of cybersecurity. Without getting into why this is the case, I generally recommend people gain some street cred. One fun way is to embark on a few projects at home. Not only could you find some use for these projects, but they also give you something to discuss at an interview or when you network with others in the field. These free projects to learn cybersecurity are excellent opportunities to learn a thing or two.

What do I need to get started?

It’s surprisingly simple to get started in this space! You often don’t need amazing hardware specs to do many things. Usually, the special hardware comes from scaling things to enterprise-grade. I broke things down into a few categories to help.

  • The cloud! Many cloud providers offer a free tier, sometimes for a period of time. AWS offers a year of free tier. Before using the cloud, however, you may want to consider whether you want to start paying for your project after a year.
  • Old hardware – You might have an old computer lying around, maybe a laptop. Keep in mind old hardware may not be the most energy efficient, and keeping it running might add a little expense to your electric bill. Something else to consider with older hardware is the reliability of moving parts, such as fans or even a spinning hard drive. You also have to consider the space this old hardware takes up! If you can find an old laptop, it has everything you need combined: monitor, keyboard, etc.
  • Hobby hardware – The first thing that comes to mind is a Raspberry Pi. There are several more in this category. What I like about this option: tons of online support, silence, low power and reliability.
  • Virtual machines – Similar to the cloud, but you need a machine that can host these virtual machines and you may need to keep it on. This is also a very easy way to try things out.
  • Adapters & accessories – Depending on your setup and what project you choose, you may need to get some adapters. Things like an extra Wi-Fi or Ethernet adapter, maybe even a thumb drive, or CF card.

Tell me about these projects!

Some of these projects are defensive, some are offensive or analytical. For each project, I will describe the ease of setting up this project, what you need for it, the skills you learn, and the jobs that you may target with the experience you gain from the project. And remember: have fun with these!

Nmap

This list couldn’t start without Nmap! I remember watching The Matrix in theatres and practically squealing when they used Nmap vs a made-up tool. The Matrix has been around for a while, and any hacker or cyber defense professional should be familiar with this tool to scan for ports.

NOTE: Be careful installing, running, and using this in production networks, or any other place beyond your lab. Using this tool can be viewed as hacking when you don’t have authorization to do so.

Difficulty: Super easy! Installs are available for most operating systems and some have it built in.

What you need: Wherever you can install it, you can use it. You also want to verify that no firewalls, especially local firewalls, sit between you and the target.

Jobs where you will need this experience: Threat hunter, penetration tester (hacker) in a red/blue/purple team, Security or SOC Analyst.

Skills you gain: Networking, ports, protocols, firewalls, intrusion detection and evasion

Splunk

I really think one of the reasons this company has gained so much traction is because they give you a (mostly) free version to play with. You can run all of the software on one machine. Enterprise configurations will break up the components across multiple enterprise-grade servers. I’ve run this software on virtual machines, as well as old hardware.

Difficulty: Easy to set up, moderate to difficult to use.

What you need: A log source! You need some device, like a firewall, to feed logs to Splunk. Minimal hardware requirements, such as 1 CPU, 1 GB of RAM, and 1 GB of space.

Jobs where you will need this experience: Security Analyst working in a Security Operations Center (SOC), Solution or Security Architect building or designing the solution. Security Engineer building the solution.

Skills you gain: Familiarity with this popular tool that you are likely to encounter in the enterprise. Log/incident analysis. Regular expressions. You can also dig into data visualization.

pfSense

This is one of my favorite projects and I have used it off and on for nearly 15 years. The most secure variant of Unix, OpenBSD, used Packet Filter (PF) as a firewall. This project started as a way to wrap PF in a friendly web interface for a firewall. They have a library of add-ons, making it easy to install other open-source projects to extend functionality. I haven’t seen too many enterprise deployments of this software, but I have seen the SOC use this to separate their network and for lab uses. This is an excellent project to feed data into a log collection source for analysis, like Splunk.

Difficulty: Moderate to set up and use (depending on knowledge gap).

What you need: While you can use a virtual machine (and I have), I recommend starting out on dedicated hardware. You will need 2 network adapters and hardware that works with your internet speeds. I have run pfSense on an old netbook that was running a single-core Atom processor with 1 GB of RAM and a 100 Mb up/down Internet connection. One of the adapters can be built in if it’s detected during install. At one time Raspberry Pi was not a good option, but this reportedly works well since the Raspberry Pi version 4. I haven’t tried this on a gigabit connection yet!

Jobs where you will need this experience: Security engineer, firewall engineer, security analyst.

Skills you gain: Deeper understanding of networking and network access control.

Pi-hole

While this project doesn’t need to run on a Raspberry Pi, it works great even on the lower-power W version. It’s a DNS blackhole project, specifically designed to block ads on your network. A DNS blackhole is where you force DNS resolution of a name into a blackhole, disrupting communications. To explain more: when you type a name into your browser, say www.senseofitall.com, the name has to resolve to an IP address. This project creates a local DNS server that prevents resolution from working for the domains it blocks. By default the project blocks ads, but you can block all sorts of things and analyze your network. Some people even detect malware with this tool.
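The blackhole decision described above, as an added Python example that is not Pi-hole's own code: it parses a hosts-style blocklist, answers blocked names with an unroutable address, and counts blocked lookups per client. The blocklist, query log, upstream answers and the rule that a listed domain also covers its subdomains are all assumptions constructed for this illustration.

```python
from collections import Counter

# Constructed hosts-style blocklist (sample data, not a real list).
BLOCKLIST_TEXT = """\
# ads and trackers (constructed)
0.0.0.0 ads.example.net
0.0.0.0 tracker.example.org   # inline comment
127.0.0.1 localhost
badcdn.example.com
"""
SINKHOLE_IP = "0.0.0.0"  # unroutable address returned for blocked names

def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.lower().rstrip(".")

def parse_blocklist(text):
    """Collect blocked domains from 'IP domain' or bare-domain lines."""
    blocked = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, then tokenize
        if fields and normalize(fields[-1]) != "localhost":
            blocked.add(normalize(fields[-1]))
    return blocked

def is_blocked(qname, blocked):
    """Assumption for this example: a listed domain also covers its subdomains."""
    labels = normalize(qname).split(".")
    return any(".".join(labels[i:]) in blocked for i in range(len(labels)))

def resolve(qname, blocked, upstream):
    """Blocked names get the sinkhole IP and are never forwarded upstream."""
    if is_blocked(qname, blocked):
        return SINKHOLE_IP
    return upstream.get(normalize(qname))  # None stands in for NXDOMAIN

def blocked_hits(queries, blocked):
    """Count blocked lookups per client; a noisy client is worth a closer look."""
    return Counter(c for c, qname in queries if is_blocked(qname, blocked))

# Constructed query log (client IP, queried name) and stand-in upstream answers.
QUERIES = [("192.168.1.20", "www.example.com"), ("192.168.1.20", "ads.example.net"),
           ("192.168.1.35", "img.badcdn.example.com"),
           ("192.168.1.35", "img.badcdn.example.com"),
           ("192.168.1.35", "IMG.BADCDN.example.com.")]
UPSTREAM = {"www.example.com": "192.0.2.10"}

if __name__ == "__main__":
    blocked = parse_blocklist(BLOCKLIST_TEXT)
    for client, qname in QUERIES:
        print(client, qname, "->", resolve(qname, blocked, UPSTREAM))
    print(blocked_hits(QUERIES, blocked).most_common())
```

A client that repeatedly asks for the same blocked name, like 192.168.1.35 in the constructed log, is the kind of pattern people look at when they use this data to spot malware.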

Difficulty: Easy!

What you need: Raspberry Pi works great, but you can install this on any hardware. I haven’t personally used the cloud, but don’t see why it wouldn’t work. You need access to your router to point it to the IP of this DNS server you set up.

Jobs where you will need this experience: Security Engineer, threat hunting

Skills you gain: DNS understanding, operations and defense analytics

Kali

Kali is the most popular distribution for penetration testing. It’s very actively updated and supported. Many videos and tutorials exist on how to use it. You have likely heard of this distribution, and I think exploring this tool is a great idea for anyone interested in security to understand tools and techniques used on the offensive side. After installing this distribution, many tools will be available at your fingertips, and some are not just for penetration testing. To name a few: Metasploit, Nmap, OpenVAS and Lynis.

Difficulty: Easy!

What you need: A virtual machine, old hardware or something like a Raspberry Pi. I don’t recommend using this in the cloud, as your activity may be viewed as hostile.

Jobs where you will need this experience: Penetration testing, cyber defense/analyst roles

Skills you gain: Penetration testing methodologies, launching exploits, vulnerability discovery/testing, information gathering (and many more).

Conclusion

Breaking into security (pun intended) by getting cyber experience is something you can do on your own time for free. I would definitely recommend following your interest! I would also recommend that, after you have worked on a few of these projects, you create a section on your resume called “personal projects” and list things like: Built a home security log collection and analysis capability using Splunk. These will get your resume flagged and give you an opportunity to talk about your project when interviewing.

Plenty of other projects exist! If you have any you think I should mention, leave them in the comments.
