feat: added Secure Crypto Vault to starter_code

data/projects.json

@@ -275,9 +275,9 @@
     "starter_code": "starter_code/survey_form/index.html"
   },
   {
-    "id":10,
+    "id": 10,
     "title": "API ETL Pipeline",
-    "skills": ["Python","pandas","requests"],
+    "skills": ["Python", "pandas", "requests"],
     "level": "Intermediate",
     "interest": "Data",
     "time": "Medium",
@@ -289,17 +289,17 @@
       "Generate summary statistics",
       "Export the processed CSV for any other Analytics projects"
     ],
-    "tech_stack": ["Python", "pandas","requests","JSON"],
+    "tech_stack": ["Python", "pandas", "requests", "JSON"],
     "roadmap": [
-      "Step 1:  Install required modules via pip",
-      "Step 2:  Find a public API key for this project",
-      "Step 3:  Fetch the data from the API using requests",
-      "Step 4:  Validate the response you just fetched From the API",
-      "Step 5:  Normalize the nested JSON data by flattening it",
-      "Step 6:  Use the fetched data to build a pandas dataframe",
-      "Step 7:  Handle missing values or duplicate values",
-      "Step 8:  Export the cleaned dataset to CSV format",
-      "Step 9:  Generate a summary for the newly created CSV dataset",
+      "Step 1: Install required modules via pip",
+      "Step 2: Find a public API key for this project",
+      "Step 3: Fetch the data from the API using requests",
+      "Step 4: Validate the response you just fetched From the API",
+      "Step 5: Normalize the nested JSON data by flattening it",
+      "Step 6: Use the fetched data to build a pandas dataframe",
+      "Step 7: Handle missing values or duplicate values",
+      "Step 8: Export the cleaned dataset to CSV format",
+      "Step 9: Generate a summary for the newly created CSV dataset",
       "Step 10: Test the file with at least two different public APIs"
     ],
     "resources": [
@@ -311,7 +311,7 @@
     ],
     "starter_code": "starter_code/api_data_pipeline.py"
   },
-  {
+ {
   "id": 11,
   "title": "AI Resume Analyzer",
   "skills": [
@@ -360,11 +360,42 @@
     "Flask quickstart: https://flask.palletsprojects.com/quickstart"
   ],
   "starter_code": "starter_code/ai_resume_analyzer.py"
-  }
+  },
+  {
+    "id": 12,
+    "title": "Secure Crypto Vault",
+    "skills": ["Python"],
+    "level": "Intermediate",
+    "interest": "Cybersecurity",
+    "time": "Medium",
+    "description": "A professional-grade CLI utility for storing sensitive credentials using industry-standard AES-256-GCM encryption. Teaches cryptography basics and secure key derivation.",
+    "features": [
+      "Encrypt and store passwords securely",
+      "PBKDF2 key derivation for master passwords",
+      "Authenticated encryption (AES-GCM)",
+      "JSON-based local data persistence"
+    ],
+    "tech_stack": ["Python", "Cryptography library", "JSON", "base64"],
+    "roadmap": [
+      "Step 1: Set up a virtual environment and install cryptography",
+      "Step 2: Implement PBKDF2 for secure master key generation",
+      "Step 3: Build the AES-GCM encryption/decryption logic",
+      "Step 4: Create functions to save/load the encrypted vault file",
+      "Step 5: Build a secure CLI menu for adding/viewing entries",
+      "Step 6: Implement salt and nonce handling for high security",
+      "Step 7: Test with multiple service entries and verify decryption"
+    ],
+    "resources": [
+      "Python Cryptography docs: https://cryptography.io/en/latest/",
+      "OWASP Key Derivation: https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html",
+      "Real Python Security: https://realpython.com/python-api-key-setup-and-usage/"
+    ],
+    "starter_code": "starter_code/secure_vault/valt.py"
+ }
 
   ,
   {
-    "id": 8,
+    "id": 13,
     "title": "Number Guessing Game",
     "skills": ["Python"],
     "level": "Beginner",
@@ -395,7 +426,7 @@
     "starter_code": "starter_code/number_guessing.py"
   },
   {
-    "id": 9,
+    "id": 14,
     "title": "Simple Email Automation",
     "skills": ["Python"],
     "level": "Beginner",
@@ -426,7 +457,7 @@
     "starter_code": "starter_code/email_automation.py"
   },
   {
-    "id": 10,
+    "id": 15,
     "title": "Quiz App",
     "skills": ["HTML", "CSS", "JavaScript"],
     "level": "Beginner",

starter_code/secure-vault/README.md

@@ -0,0 +1,39 @@
+# Secure Crypto Vault (Python)
+
+A professional-grade CLI utility demonstrating industry-standard security implementations for credential management.
+
+## Features
+- **Authenticated Encryption:** Uses AES-256-GCM (Galois/Counter Mode) for both confidentiality and integrity.
+- **Secure Key Derivation:** Implements PBKDF2-HMAC-SHA256 with 600,000 iterations (OWASP recommendation).
+- **Master Password Protection:** Uses the `getpass` module to mask password entry.
+- **Persistent Storage:** Encrypted credentials are saved to a local `vault.json` file.
+
+## Setup Instructions
+1. Navigate to the project folder:
+   ```bash
+   cd starter_code/secure-vault
+
+2. **Install the required security library:**
+   ```bash
+   pip install -r requirements.txt
+
+3. **Run the application:**
+   ```bash
+   python vault.py         
+
+## Security Implementation Details
+This project prioritizes high-entropy security and follows modern cryptographic standards:
+
+- **Key Derivation (PBKDF2):**
+  - **Algorithm:** HMAC-SHA256
+  - **Iterations:** 600,000 (Aligned with OWASP 2024 password storage recommendations).
+  - **Salt:** 16-byte cryptographically secure random salt generated via `os.urandom()`.
+
+- **Authenticated Encryption (AES-GCM):**
+  - **Mode:** AES-256-GCM (Galois/Counter Mode).
+  - **Integrity:** Unlike standard AES-CBC, GCM provides built-in authentication, ensuring that the ciphertext has not been tampered with.
+  - **Nonce:** A unique 12-byte initialization vector (IV) is generated for every individual entry.
+
+- **Storage:**
+  - Sensitive data is never stored in plain text.
+  - The `vault.json` file contains only the Salt, Nonce, and Ciphertext in hexadecimal format.