Most security learning resources are either slideware or unstructured code dumps. This repository takes the opposite approach: a modular, tiered curriculum of reproducible, well-documented projects so learners build practical skills by implementing real tools.
What Sets It Apart
- Tiered hands‑on curriculum: 70 projects split across Foundations, Beginner, Intermediate and Advanced so learners can progress from single-file, heavily commented starters to multi-week production-style builds.
- Teach-first repo layout: every completed project includes a learn/ folder with theory, architecture notes, implementation commentary and challenge ideas — designed for instruction rather than just distribution of code.
- Broad tech & topic coverage: projects use Python, Go, Rust, TypeScript and more, and cover networking, fuzzing, SIEM, honeypots, supply-chain demos and AI/security overlap (examples: LLM Prompt Injection Firewall, AI Threat Detection, Adversarial ML Attacker).
- Reproducible, permissive teaching flow: source code, docs and guided course links (via CertGames) make it easy to follow along; license is AGPL-3.0, which requires source distribution for networked services.
Who it's for — and tradeoffs
Great fit if you want a project-based pathway into defensive and offensive security: students, bootcamps, security engineers building demos, and instructors who need ready-made labs. The repo emphasizes learning clarity (inline comments, single-file starters) over delivering hardened production deployments.
Look elsewhere if you need turnkey commercial products, enterprise-grade support, or audited production appliances — many projects are intentionally educational and sometimes dual-use (security/offense), so use within legal/ethical boundaries. Also note the AGPL-3.0 license can impose sharing obligations for networked deployments.
