Top 20 Cybersecurity Projects Ranked by Difficulty and Hireability Impact
The video ranks 20 cybersecurity projects by difficulty (from 'noob' to 'madhat') and evaluates their impact on hireability, learning value, and perceived 'coolness' using a custom scoring system. Key projects include contributing a detection rule to SigmaHQ (difficulty 6/10, hireability 9/10), reverse engineering malware and writing YARA/Sigma rules for it (difficulty 10/10, hireability 10/10), and disclosing a real vulnerability for a CVE (hireability 10/10). Tools highlighted include Elastic/Sentinel for log analysis, Ghidra for malware reverse engineering, MISP for threat intel automation, and Azure/AWS for cloud misconfiguration hunting.

The presenter, a former hiring manager, emphasizes projects that demonstrate investigation skills (e.g., documenting attack chains) or real-world application (e.g., LLM prompt injection testing, mandated by the EU AI Act). Projects like Active Directory attack/defend labs and OAuth consent phishing demos target enterprise-relevant skills, while automated security tooling (e.g., custom vulnerability scanners) proves engineering capability.

Scores for hireability range from 1/10 (portfolio websites) to 10/10 (CVE disclosures), with 'coolness' often inversely correlated to practical value. The video concludes that unique, open-source contributions or hands-on detection engineering work stand out to employers.