Build your team’s skills with hands-on projects

Help your team gain practical cybersecurity experience and test their skills through a series of real-world scenarios.

Claim your FREE 7-day trial

Apply new cybersecurity skills

Projects are a series of hands-on exercises designed to reinforce your team’s skills and provide real-world cybersecurity experience. Each exercise tests the practical application of key topics covered in the associated learning path.

As your team works through the challenges, they’ll put what they learned into practice, gain hands-on experience and build confidence around their new skills.

Start practicing

Watch the introduction video, download the files and work through a series of challenges

Reinforce knowledge

Revisit the material or get hints from the instructor when stuck on a difficult challenge

Validate new skills

Check if each challenge was solved correctly — or if there are areas where your team can improve

Project library

Cryptography and Cryptanalysis Project
Projects
Cryptography and Cryptanalysis Project

Cryptography and Cryptanalysis Project

Six challenges will test your applied cryptography skills. In this project, you’ll need to find information in encrypted network traffic, circumvent obfuscation to examine malware network communications and configuration samples, break down a hash function operation to find a specific input value and find the values of obfuscated passwords and cookies.

Estimated project time: 2 hours, 10 minutes

Cybersecurity Data Science Project
Projects
Cybersecurity Data Science Project

Cybersecurity Data Science Project

In this project, you’ll analyze a malware sample using classifiers provided in the project files — or with ones you build yourself. You’ll begin by creating a virtual machine for the project and exporting its image in the OVA format, then extract the list of imports and identify the most commons 4-grams in the binary sequence in the Jigsaw ransomware sample. You’ll recognize images created with deepfakes and determine text in a large number of CAPTCHA images.

Estimated project time: 2 hours, 12 minutes

Mobile Application Pentesting Project
Projects
Mobile Application Pentesting Project

Mobile Application Pentesting Project

Twenty-four practical exercises in this project allow you to hone your iOS and Android application pentesting skills. You will use popular tools such as dex2jar and Hopper, practice working with ADB (Android Debug Bridge) and exploit various application vulnerabilities, including side-channel data leakage, broken cryptography, developer backdoors, insecure data storage and many others.

Estimated project time: 4 hours

Network Traffic Analysis for Incident Response Project
Projects
Network Traffic Analysis for Incident Response Project

Network Traffic Analysis for Incident Response Project

In this project, you will need to apply your knowledge and use common network traffic analysis tools to solve multiple challenges. Each challenge involves examining a network traffic capture file containing evidence of malicious activity, such as malware infection, data exfiltration and C2 (command-and-control) communications. You’ll need to find leaked credentials, analyze an attempted DDoS attack, extract files from captures and even more.

Estimated project time: 1 hour, 29 minutes

NIST Cybersecurity Framework Project
Projects
NIST Cybersecurity Framework Project

NIST Cybersecurity Framework Project

In this project, you’ll meet the challenge of performing a gap analysis to determine the current state of the organization, compared to the target state. You’ll practice determining and adjusting impact levels with information from FIPS 199 and NIST SP 800-60 and identifying the high-water mark from the impact levels. You’ll select, map and tailor controls from the NIST SP 800-53 catalog.

Estimated project time: 2 hours, 13 minutes

NIST DoD RMF Project
Projects
NIST DoD RMF Project

NIST DoD RMF Project

In this project, you’ll be applying the process for selecting system impact levels and choosing security controls based on them. Based on a given scenario, you’ll define the types of potential losses for confidentiality, integrity and availability and define the impact levels of low, moderate and high. You’ll complete the NIST FIPS 200 worksheet for system categorization and perform other tasks related to the RMF application process.

Estimated project time: 2 hours, 17 minutes

OWASP Top Ten Project
Projects
OWASP Top Ten Project

OWASP Top Ten Project

In this project, you’ll be introduced to five scenarios involving examples of common web application vulnerabilities and attacks. You’ll need to analyze examples of application log entries and payloads sent to be processed and identify the type of vulnerability that is being exploited in each scenario. What are the potential consequences of a successful exploitation? What mitigation options can be implemented?

Estimated project time: 2 hours, 14 minutes

Secure Coding Fundamentals Project
Projects
Secure Coding Fundamentals Project

Secure Coding Fundamentals Project

Apply the hacker mindset to application security by solving the multiple challenges included in this project. You’ll need to identify vulnerabilities in the provided applications and code samples and discover how those vulnerabilities could be exploited by an attacker. See for yourself how security errors in code can lead to compromised credentials, SQL injections, and buffer overflow and Cross-Site Scripting (XSS) attacks.

Estimated project time: 2 hours, 8 minutes

Web Application Pentesting Project
Projects
Web Application Pentesting Project

Web Application Pentesting Project

This project is built on a real bounty-based CTF challenge hosted by Infosec. Each of its levels represents a vulnerable Web application and is based on the OWASP Top Ten list of the most common web application security risks, including SQL injection, Cross-Site scripting (XSS), broken authentication and more. You’ll need to apply all your knowledge about web application vulnerabilities and use many different tools and browser utilities to solve the challenges.

Estimated project time: 3 hours, 18 minutes

Web Server Protection Project
Projects
Web Server Protection Project

Web Server Protection Project

Secure a real web server in this hands-on project containing ten challenges. You will need to work with an Apache web server installed on a virtual machine to implement network filtering, add cookies to access log, harden the host OS, identify tampered binary files and complete other tasks to ensure that your web server is properly protected.

Estimated project time: 2 hours, 42 minutes

Windows 10 Host Security Project
Projects
Windows 10 Host Security Project

Windows 10 Host Security Project

Multiple challenges within this project allow you to practice securing Windows 10 hosts. You’ll begin by setting up a secure Hyper-V lab environment. Next, you’ll practice locating and enabling the virtual trusted platform module and virtualization-based security, encrypting data with BitLocker, sharing files and modifying user permissions, verifying port security provided by Windows Firewall and much more.

Estimated project time: 2 hours, 24 minutes

Plans and pricing

Personal

$299

Annually

Teams

$599 / license

Annually. Includes all content plus team admin and reporting.