If you’re a security researcher you must be wondering what to do with your spell then obviously you can go hunting for bug bounties but sometimes you want to do something different something more creative and out-of-the-box so here in this article I’m going to share with you five types of fantastic side projects that you can work on which will definitely help you level up your game in this.
1)- First With your own map the advantage of building your own labs is that you can try the latest exploits without getting afraid of being caught or destroying someone’s computer how helpful that can be, So go to your neighborhood computer store grab an 8 port LAN switch and borrow the computers your friends are going to throw of it. Install all the operating systems you want and make them talk to each other then you are now the king of your own network. I still prefer the physical network or a virtual environment because being able to reboot the machine by pressing the button is an awesome feeling.
2)- Make a malware analysis sang-bong malware isn’t going to go away in fact most of the antivirus comes with be that they have lost the war against malware simply because more and more malware is being produced every day there are very few researchers out there this is where a virtual machine would come and create a VM of the OS of your choice install monitoring scripts that would keep track of the file system Network and process activity and then load and execute the malware it will help you understand the internals of the operating system as well as the functionality of the malware way before the reverse engineer terrible.
3)- Website scraper a website scraper is a very important tool in the internet age but more importantly the website scraper is the base of every web vulnerability scanner out there when you build the website scraper you get to understand how HTTP requests works the advantages of the HTTP protocol flaws of cookies and session IDs bypassing capture Ddos attacks and much more in fact you get bonus points if you are able to bypass the web your bug bounty might come much sooner than expected.
4)- Keystroke logger a keystroke logger is a fantastic tool for security researcher in fact there should be a whole subject in graduation dedicated to this tool take the challenge of building a software that monitors activity of a computer like keystrokes mouse clicks, files open, email sync etc,. this will happen in the background without taking a lot of system resources and without triggering the endeavor also can you make it run at boot time and hide it from the list of actual processes.
5)- Log analyzer one of the most repetitive and essentially boring tasks security experts must do is log analysis the traditional way of log analysis is time-consuming just like finding a needle in a haystack no matter how could you get at crap set and off this thing takes a veil of your time if you could write a tool with the help of some machine learning techniques that would analyze the logs and present the result in a short and concise way.
You will be the next god of cyber security and if you are not much of a programmer you can still use Splunk or elk or anything like that to get the results you want I tried all these projects at various stages of my career and I find them very helpful because they gave me a very clear perspective so what are you waiting for get started with the one that suits you the best.