Building a Cybersecurity Homelab project will help your career big time. It will allow you to easily and quickly grasp the concepts that those lengthy textbooks try to convey to you.
A Cybersecurity Homelab is a physical or virtual testing ground environment for practicing and improving your cybersecurity skills. Its purpose is to provide a safe and controlled environment to learn, test security tools, and develop effective security strategies.
The Project section of your resume is the ideal substitute for your work experience deficit. It is a must, especially for entry-level professionals. This is why in the next lines, I present three Cybersecurity Homelab projects that you can implement and practice today.
Why should you Build a Cybersecurity Homelab Project?
There are several reasons to build a cybersecurity homelab. The bottom line is that a cybersecurity homelab allows you to experiment things that are normally not recommended to try in the real world.
Charles Kettering said it best: “There is a great difference between knowing a thing and understanding it. You can know a lot and not really understand anything”. If you really want to understand technical skills. You have to get your hand dirty. This had always been the case for me.
And with networking and security, that means having a place where you can practice and test things out yourself. Which is exactly what a Homelab provides you.
What Cybersecurity Homelab Projects can you include on your resume?
Here are three Cybersecurity Homelab projects you could include on your resume to show a better impression in job interviews:
- Building a Cybersecurity Homelab for Detection & Monitoring
- Set up a SIEM in Azure
- Building a Penetration Testing Lab
We will talk about each and every project above in more detail later in this article.
Let’s talk first about the most common mistakes that people do while building their cybersecurity homelab projects.
Spending money recklessly
You don’t have to spend a whole bunch of money to get started. And sometimes, you don’t even have to spend any money. Always remember to think twice. With the Internet, there’s always a quality free version somewhere.
Also, consider talking with your Employer about it. Who knows, they might be able to help with old equipment. You could also use your good old equipment, and upgrade them if need be. Or you could ask friends and family whether they’ve got old computers, switches, routers…
Not having a clear goal
Cybersecurity is huge. There’s an unlimited amount of skills and knowledge you could learn in this field. The worst thing you could do is “trying to learn everything” at the beginning of your journey. You will end up learning nothing and thus not advancing on your journey.
This is one of the main reasons why the majority of people quit during the first few months of their cybersecurity journey. Figure out early on, what is it that you would like to learn in Cybersecurity.
Which field in Cybersecurity do you see yourself working in for the next ten years? Is it on the offensive side (Red Hat)? the defensive side? (Blue team), or even a Gray hat? Either way, figure it out.
The work on projects that will help you build skills in the field you’re looking to build your career on. The goal is to become an expert in the field you will be choosing.
Now as promised, here are my three Cybersecurity Homelab projects that I strongly recommend you to implement today.
Building a Cybersecurity Homelab for Detection & Monitoring
The project is called “Building a Cybersecurity Homelab for Detection and Monitoring”. It was developed by CyberWox Academy. This is by far one of the best cybersecurity Homelab possible. You can find the link to the lab page here.
And he has an entire Youtube playlist about this lab project. This is a totally free, and hands-on Cybersecurity project that teaches you everything you need to know to get started in Cybersecurity.
This project will walk you step by step and you will get more out of this Homelab project than any other expensive Bootcamp. Not only you are getting a lot of experience with configuring the machines, but you also get to work on various exercises in the lab.
It has a penetration machine included (Kali Linux), A Security Information Event Manager (SIEM), Network security monitoring tool (Security Onion). Security Onion…and so on.
Set up a SIEM in Azure
You can find this project on youtube. In this video, Josh Madakor will show you two Azure-related projects, Setting a SIEM in Azure and Setting an Active Directory Environment in Azure. He also talks about three other projects but in this article, we will only focus on how you can set up a SIEM in the Active Directory. I strongly recommend you subscribe to his cybersecurity course here where not only you will get access to this project but many other valuable ones. So let’s talk about how you can go abo.
This project will give you a lot of exposure to Microsoft Azure itself. You will first create and set up your Microsoft Azure Account and portal. Then you will set up an Azure Virtual machine. The goal is to get live attacks from people all over the internet and display a world map representing it. In order to do that, we will create a Network security group. Open all the ports. So that everybody on the internet could discover our Honeypot faster.
Then we will collect logs from our Azure virtual machine that you will be setting up. And use Powershell scripts to extract metadata (Alerts) from Windows Event Viewer to be forwarded to third-party API in order to derive Geolocation data (state/Province, country, magnitude, latitude…).
Then you will configure log Analytics, and workspace in Azure to ingest custom logs containing geographic. Then on the Azure Portal, you will work with Azure Sentinel, which is the Microsoft Cloud SIEM, to configure fields in Log Analytics workspace with the intent of mapping geo data in Azure Sentinel. You will then display global attack data (RDP brute force) on the world map.
Building a Penetration Testing Lab
If you would like to pursue the Offensive side of Cybersecurity, also known as Red Team. Then you should definitely give this lab a shot. You can find this lab in the second chapter of “The Ultimate Kali Linux Book – Second Edition” that You can download directly here, or you may also download its free version here.
This Book will teach you all the basics you could ever need to know in order to get into Penetration testing. It talks about skills such as Metasploit, Nmap, Air Cracking, and so on. It also goes through how you can compromise different networks with Kali Linux. With hands-on labs, you can practice, implement and include in your resume.
Conclusion
I hope that the labs we have presented here get your foot in the door in the wonderful world of cybersecurity and that you gain actual practical knowledge of certain invaluable cybersecurity skills such as monitoring tools, Firewalls, and Port scanning.
We have seen that Homelab projects could have as much value in a job interview as your work experience. So not only taking the time to practice them will give you the actual knowledge you need to understand cybersecurity concepts, but they will also open the door to amazing job opportunities for you. I wish you all the best, and good luck for the rest of your career.