Learn Cybersecurity
Browse our list of curated database of projects, exercises, and lessons to learn cybersecurity
🏛️ Understanding the key components of the organizational and operational framework in Spain's National Security Scheme (ENS)
🔒 Understanding the framework and how to implement it for ISO 27001 certification. Conducting risk assessment and implementing controls.
🛡️ Understanding the key aspects of regulatory compliance in data loss prevention (DLP) for GDPR, PCI-DSS e HIPAA. Implementing DLP controls and managing exceptions and false positives
🛡️ Understanding the critical role of DLP in protecting sensitive information. Types of sensitive data and data leakage channels.
Understanding Privilege Escalation: How Attackers Exploit Vulnerabilities to Gain Unauthorized Access
Understand and exploit vulnerabilities of local and remote file inclusion in web applications.
Understanding and exploiting vulnerabilities in access control mechanisms
Learn essential firewall evasion techniques to bypass Web Application Firewalls (WAFs) and enhance your cybersecurity skills. Master methods like encoding, parameter tampering, and more in this concise, practical lesson for security professionals.
Exploring IDS/IPS Tools: Snort, Suricata, Quickdraw, Zeek, OSSEC, and Wazuh - Advanced Protection for Networks and Control Systems
What is Metasploit and how to use it for pentesting, key components and complementary tools
Understanding the Legal Landscape of Cybersecurity in The United States of America: Key Laws, Regulations, and the Role of Incident Response Plans in Protecting Digital Infrastructure.
Planning, Reconnaissance, Scanning, Exploitation, Post-Exploitation, Analysis and Reporting, Remediation and Validation
Discover the Top 10 Security Best Practices for Cloud Clients: From Data Protection to Operational Security and User Management
Protecting Data: Wireless Security in Wi-Fi Networks. Avoid Threats and Vulnerabilities, Keep Your Connection Secure.
Intrusion Prevention Systems (IPS) are vital for cybersecurity, actively neutralizing threats in real-time. With 70% of organizations facing cyberattacks, understanding IPS can enhance your network's defense strategy and protect sensitive data effectively.
Protecting Information: Threats, Vulnerabilities, and Security Measures
Network security protects the access, use, and integrity of network data. It includes firewalls, antivirus, email security, VPNs, and access control. It prevents threats and ensures that only authorized users access resources.
Learn how to enhance network security by configuring packet filtering rules in a firewall.
Explore the critical aspects of network security, including authentication, access control, threat management, and data protection.
Optimiza la seguridad de tu servidor: Configuración del firewall, gestión de usuarios y registros de auditoría en Linux. Aprende paso a paso.
Administra servidores: Instala Linux en Máquina Virtual. Descubre conceptos, ventajas y más. ¡Comienza ya!
Discover how to manage packages and software in Linux: installation, update, uninstallation and dependency management efficiently and safely.
Explore the fundamentals of computer networks, from different types to key protocols and essential devices. Learn more about IP addresses, routers, and switches!
Explore the realm of cybersecurity as we delve into the differences between cyber threats and cyber attacks. Uncover the ten most common cyber threats and gain insights into prevalent cyber attacks.
3hrs average
This final project aims to simulate a comprehensive cybersecurity exercise where students assume the role of cybersecurity analysts tasked with restoring and protecting a compromised server at 4Geeks Academy. The project is divided into three phases: forensic analysis, vulnerability detection and correction, and incident response planning.
3hrs average
Conduct a sensitive data analysis for a fictional organization. Identify and classify sensitive data types, map data flows, and identify risk points. Learn essential skills for implementing effective DLP strategies.
4hrs average
Learn how to create a simulated network environment that includes a Demilitarized Zone, configure firewalls, gateways, and network detection systems, and ensure network security.
4hrs average
Master red team tactics with dozens of hands-on exercises focused on exploiting the OWASP Top 10 vulnerabilities. Perfect for ethical hackers and penetration testers looking to sharpen their offensive security skills.
2hrs average
This project aims to teach students how to exploit vulnerabilities found in a vulnerable machine (Metasploitable) during the reconnaissance phase. It includes detecting exploitable vulnerabilities, performing exploitation, privilege escalation, and documenting the process. Note: Post-exploitation activities are not included.
1hrs average
This practice will guide you through the process of installing bWAPP using a pre-configured virtual machine (BeeBox), including steps for setting up and customizing the environment for web security testing.
2hrs average
Learn the use of Nmap for network analysis and vulnerability detection.
2hrs average
Learn how to install Kali Linux on a virtual machine to explore and use this powerful security tool in a safe and flexible environment.
2hrs average
Learn how to use iptables to block incoming requests by protocol or port
3hrs average
Analyze the elements of a network, and identify where are being applied the concepts you already know
🛡️ Understanding the key components of the implementation and security measures in Spain's National Security Scheme (ENS)
🔒 Understanding the certification process, audit preparation, common findings, and maintenance of certification
🛡️ Understanding the key aspects of designing effective DLP policies, implementing DLP controls, and managing exceptions and false positives
Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It offers threat prevention, detection, and response capabilities through its integrated modules.
Learn all about Buffer overflow and how to exploit this vulnerability
Discover the Causes, Consequences, and Solutions of NoSQL Injection: A Comprehensive Guide to Preventing and Mitigating Vulnerabilities in NoSQL Databases
Learn everything about SQL Injection
How to evade firewalls using tools like NMAP, VPNs and verify bypass Methods for Optimized Network Security**
Identify vulnerabilities like lack of anti-CSRF tokens in HTML forms and learn effective solutions to mitigate CSRF attacks and enhance security.
Learn how to install and use Metasploitable 2, a vulnerable virtual machine designed for practicing penetration testing and enhancing cybersecurity skills. This guide covers common vulnerabilities and installation prerequisites, offering detailed instructions for setting up Metasploitable 2 on VirtualBox.
Mastering Information Gathering for Penetration Testing: Essential Techniques and Tools for Effective Reconnaissance
Discover the Top 10 Practices to Ensure Security in Your Web Hosting and Protect Your Data and Business Reputation.
Identify Key Risks and Challenges in Cloud Migration: From Misconfigurations to Data Leaks and Insider Threats
Optimizing Network Security with Firewalls: Types, Advantages, Disadvantages, and Architectures - Complete Guide
Comprehensive Guide to Intrusion Detection Systems (IDS): Types, Functionality, and Best Practices for Network Security
Strengthen the security of your applications: Strategies, tools, and best practices to protect your data and users against cyber threats
Explore top virtual machines for cybersecurity training, including Metasploitable, DVWA, and OWASP WebGoat. Master skills like SQL injection, XSS, and network security through hands-on labs. Ideal for beginners to advanced learners. Enhance your cybersecurity expertise effectively.
Discover solutions to common issues on VirtualBox. From installation errors to performance problems, our guide covers everything you need to know to troubleshoot effectively.
Discover the basics of the command line: how to navigate, manipulate files and manage permissions in Linux. Learn from scratch in this complete tutorial!
Conoce como configurar los servicios básicos de red para mejorar la seguridad de tu servidor.
Linux security basics and best practices: how to secure your system, manage users, strong passwords, firewalls, and more.
Explore the essential functions of security incident management. Learn how organizations detect, respond to, and mitigate security threats for damage minimization and regulatory compliance
Explore the basics of IT and ICT, programming languages, understand the importance of cybersecurity and dive into the history of computer science.
Understanding Global Frameworks and Their Impact on Cybersecurity Practices
Explore the diverse disciplines within cybersecurity, its crucial role in protecting sensitive data, and the three pillars: Confidentiality, Availability, and Integrity.
5hrs average
This project guides students through the process of developing a foundational Information Security Management System (ISMS) for a public organization. Students will define the scope, conduct a risk assessment, select appropriate controls, and document security policies and procedures. The project aims to develop practical skills in risk assessment, policy development, and applying a risk-based approach to information security in a public sector context.
4hrs average
Learn how to install Wazuh on a virtual machine, configure Linux endpoints, collect and analyze logs from multiple sources, and simulate attacks to monitor with Wazuh's SIEM (Security Information and Event Management) capabilities.
2hrs average
Learn how to execute one of the most popular hacks on Windows: The Reverse Shell, and also learn to execute basic and administrative Windows commands remotely through a reverse shell, simulating a hacking attack from Kali Linux to Windows 10.
2hrs average
This project aims to consolidate the knowledge gained from previous pentesting exercises to propose preventive measures against identified vulnerabilities. The focus is on developing a comprehensive report that details identified vulnerabilities, exploitation techniques used, and recommendations for preventing future exploits.
1hrs average
This project aims to teach students how to perform the reconnaissance phase on a vulnerable machine (Metasploitable). It includes steps for finding the target's IP address, gathering information about the operating system and versions, enumerating ports and services, and describing potential vulnerabilities and breaches.
2hrs average
Learn how to configure a secure server using OpenSSL to provide secure communications via SSL/TLS.
3hrs average
Learn how to install DVWA on a virtual machine to practice and report SQL injection vulnerabilities according to ISO 27001 standards.
2hrs average
Learn how to generate artificial traffic on the WordPress site and implement monitoring tools to detect surges in requests and evaluate server performance.
3hrs average
Generate a script to backup a Wordpress website including its data and save it in a compressed file.
3hrs average
Setup a network with Packet Tracer, and implement Access Control List to ensure the correct use of the servers in it.
🛡️ Understanding the fundamentals of spain's National Security Scheme, its importance in information security management, and the certification process
🔒 Understanding the fundamentals of ISO 27001, its importance in information security management, and the certification process
🛡️ Understanding the key strategies and technologies for Data Loss Prevention (DLP). Protecting data at rest, in motion and in use. Implementing DLP controls and integrating DLP into existing infrastructure.
Exploring EDR Systems: Advanced Protection and Threat Detection for Modern Enterprises
How Attackers Use Vulnerabilities to Gain System Control and Perform Privilege Escalation Attack
Learn about Server-Side Request Forgery (SSRF), its impact on web security, and how to protect against this dangerous vulnerability. Includes real-world examples and prevention techniques.
Learn about Broken Authentication, its impact on web security, and how to protect against this OWASP Top 10 vulnerability. Includes real-world examples and prevention techniques.
🔍 What is Cross-Site Scripting, examples and how to recreate the attack or prevent it on you web application
🔍 What is OWASP and why is it so important for mastering cibersecurity
Documentation of activities performed during penetration testing: Key Steps for Detailed, Clear, and Effective Reporting
Explore the world of security incidents, incident response, and the importance of an Incident Response Plan (IRP) in Spain's cybersecurity field
Master Pentesting: Essential Tools for Security Assessment - Explore Info Gathering, Exploitation, Vulnerability Analysis & More!
Choosing a web hosting vendor can be challenging, in the article we analyze the most popular web hostings from a security point of view
Protecting Your Digital Assets: Key Concepts of Cloud Security for Businesses and Users - Everything You Need to Know About Cloud Security
Explore the world of Access Control Lists (ACLs) in networking: types, implementation, and application for efficient security.
Protect your information with these practical and effective end user security best practices and decaloge
Explore the significance of cybersecurity awareness in today's digital landscape and its crucial role in protecting individuals and organizations.
Planificación y ejecución de respaldos: Garantiza la seguridad y disponibilidad de tus datos. Aprende estrategias y herramientas para respaldar y recuperar información de manera efectiva.
Prácticas esenciales para la administración segura de usuarios y grupos en servidores Linux: Gestión eficiente y asignación adecuada de permisos.
Manage users and groups in Linux: practical guide for security and efficiency. Create, manage and assign permissions securely. Optimize your system!
5hrs average
Get to know the possibilities of connection between virtual machines in VirtualBox
Explore the fundamentals of the Security Triad (CIA: Confidentiality, Integrity, Availability) and safeguard your data in the digital realm.
Empowering Tomorrow's Cyber Guardians: Dive Into Our Intensive 16-Week Cybersecurity Bootcamp for Lucrative Career Opportunities!
Uncover the vital role of legal and regulatory compliance in cybersecurity. Learn about ISO 27001, ENS, and NIST standards.
3hrs average
This project aims to guide students in creating security policies for Data Loss Prevention (DLP) within an organization. The first part focuses on applying the principle of least privilege to ensure that only authorized personnel have access to sensitive data. The goal is to protect confidential information through structured policies and procedures. The second part involves implementing restrictions on USB device usage to prevent data leaks, directly linked to the DLP policies established in the first part.
3hrs average
Learn how to install Wazuh on a virtual machine, configure Linux endpoints, and simulate threat activities to monitor with Wazuh's EDR (Endpoint Detection and Response) capabilities.
2hrs average
Learn how to perform a buffer overflow exploit vulnerable from a Kali Linux machine.
2hrs average
This project focuses on teaching students how to exploit vulnerabilities found in a vulnerable web application (DVWA) using Metasploit. It includes confirming vulnerabilities, exploiting them, performing privilege escalation, and documenting the process. Note: Post-exploitation activities are not included.
1hrs average
This project aims to teach students how to perform the reconnaissance phase on a vulnerable website (bWAPP in BeeBox VM). It includes steps for network scanning, service enumeration, domain information gathering, vulnerability scanning, and brute forcing directories and files.
1hrs average
develop practical skills in securing a wordpress installation through the setup of firewalls and ACLs
2hrs average
This practice will allow you to better understand spoofing and DoS techniques, as well as their effects in a web environment.
2hrs average
Learn how to make a basic deployment of a website with Wordpress, one of the most popular content management software.
5hrs average
Create a network between 2 virtual machines and with access to the external network. Perform tests to validate the connection.