PORTFOLIO-GRADE PROJECTS
New projects added every week

Build the security portfolio that wins interviews

Multi-step assignments modelled on real SOC, hardening, compliance, pentest, and cloud security work. Produce reports, configs, runbooks, and evidence packs you can actually show in interviews.

  • Portfolio-grade deliverables
  • Earn XP per submission
  • Beginner to advanced
Browse all projects
Projects
XP available
Topic areas
6
projects/soc-investigation-report.workspace

Featured project

SOC Investigation Report

Write up a phishing → credential-theft incident

Intermediate
Deliverables3 / 5
  • Recon & enumeration notes
  • Vulnerability writeup (CVSS + evidence)
  • Detection rule + runbook
  • Remediation plan & owner mapping
  • Stakeholder summary report
+200 XP~4hFile upload
Submit
SOCCompliancePentestCloud

Browse Projects by Cybersecurity Topic

Each topic mirrors real on-the-job work so the projects you finish double as portfolio artefacts hiring managers actually ask about.

SOC & Detection Projects

Build the kind of artefacts SOC analysts produce every day — investigation reports, detection rules, runbooks, and alert triage notes.

Incident reportDetection ruleRunbookTriage notes

Level: Beginner to Intermediate

Explore soc & detection projects

Linux & System Hardening

Apply CIS-style controls to a Linux server, document evidence, and produce a hardening checklist that maps changes to requirements.

Hardening checklistConfiguration evidenceBefore / after notes

Level: Beginner to Intermediate

Explore linux & system hardening

Compliance & GRC Projects

Practice SOC 2, ISO 27001, and CIS evidence collection — control mapping, evidence packs, access reviews, and audit walkthroughs.

Control mappingEvidence packAccess review log

Level: Beginner to Intermediate

Explore compliance & grc projects

Pentest & Reporting

Turn raw findings into the kind of structured deliverables clients pay for — recon reports, vulnerability writeups, and remediation plans.

Recon reportVulnerability writeupRemediation plan

Level: Intermediate to Advanced

Explore pentest & reporting

Cloud & DevSecOps

Design IAM policies, review IaC, build a secrets-management plan, and produce CI/CD security baselines for a sample cloud workload.

IAM designIaC reviewSecrets policyCI/CD baseline

Level: Intermediate to Advanced

Explore cloud & devsecops

Incident Response Projects

Plan an IR program, run a tabletop exercise on paper, and produce post-incident reports with root cause and lessons learned.

IR planTabletop scenarioPost-incident report

Level: Intermediate

Explore incident response projects

Latest Security Projects

Recently published projects you can start right now. Submit deliverables, earn XP, and grow your hands-on portfolio.

How PentesterWorld Projects Work

A simple four-step flow that takes you from picking a project to a portfolio-ready deliverable.

1

Pick a project

Browse projects by topic and difficulty. Each project shows the deliverables, estimated hours, and XP reward upfront.

2

Follow the instructions

Work through the multi-step instructions just like a real assignment — build, document, configure, or analyse.

3

Submit your deliverables

Upload your files, paste links, or check off completed items. Add notes to explain decisions and trade-offs.

4

Earn XP and build a portfolio

Approved submissions earn XP and become part of your practical portfolio — the kind of work hiring managers ask about.

Why Build Cybersecurity Projects

Projects produce the kind of evidence interviewers actually ask for — reports, configs, and runbooks, not just course completions.

Build a real portfolio

Walk into interviews with concrete artefacts — runbooks, reports, hardened configs — instead of only listing certifications.

Mirror real job tasks

Every project is modelled on the work SOC analysts, pentesters, compliance teams, and DevSecOps engineers actually do.

Practice writing & reporting

Strong cybersecurity work is written down. Projects give you reps at incident reports, recon notes, and audit evidence.

Earn XP and badges

Submitted projects add XP to your profile, push you up the leaderboard, and unlock achievements as you grow.

Apply what you study

Projects pair with tutorials, labs, and quizzes — so theory immediately connects to a tangible deliverable.

Track your growth

Submitted projects are saved on your dashboard. Look back to see how your reports, configs, and reasoning have improved.

Who PentesterWorld Projects Are For

Projects work for learners at every stage — from students building their first portfolio to professionals practising new specialisations.

Students & freshers

Replace empty resumes with practical projects that prove you can write a report, harden a server, and reason about risk.

SOC & blue-team learners

Build runbooks, detection rules, and incident reports modelled on the artefacts real SOC teams maintain.

Ethical hacking learners

Produce structured pentest reports, recon notes, and remediation plans — the deliverables clients actually pay for.

Compliance & GRC analysts

Practice evidence collection, control mapping, access reviews, and audit walkthroughs without waiting for a real audit.

DevSecOps & cloud engineers

Design IAM, secrets, CI/CD security, and IaC reviews on sample workloads before you touch production.

Career switchers

Bridge the gap from IT, dev, or sysadmin into cybersecurity with portfolio-worthy artefacts to show in interviews.

Connect Projects to the Rest of Your Learning

Projects pair naturally with tutorials, labs, challenges, and quizzes — so theory always ends in a tangible artefact.

Related Tutorials

Learn the concept, then build the deliverable.

Explore →

Related Labs

Practise the technique before producing a full report.

Explore →

Related Challenges

Combine challenges and projects for end-to-end work.

Explore →

Related Roadmaps

Follow a structured path with projects built in.

Explore →

Get New Cybersecurity Projects in Your Inbox

Subscribe to get notified when new SOC, hardening, pentest, compliance, and cloud security projects are published.

Projects FAQ

Common questions about submissions, XP, formats, and how projects connect to labs and challenges.

Do I need an account to start a project?

You can preview projects without an account, but to save and submit deliverables you need to be signed in. Sign-in is free.

How are projects different from labs?

Labs are short, guided technical exercises. Projects are multi-step assignments with deliverables — closer to real on-the-job work.

What does a submission look like?

It depends on the submission type — a checklist, a file upload (PDF, screenshots, configs), a written report, or a link to your work.

How is XP awarded?

Each project lists an XP reward. Submissions that meet the deliverables earn the full XP once approved by the system or a reviewer.

Can I redo a project?

Yes. You can resubmit a project to improve your work; your latest submission is shown on your dashboard.

Can I share my project work publicly?

Yes — many learners share submission summaries on LinkedIn or GitHub as part of their portfolio. Just respect any sample data licences.

Start building your security portfolio today

Pick a project, work through the multi-step instructions, submit your deliverables, and earn XP while building a real portfolio of cybersecurity work.

Browse all projectsCreate free account