If you're a Java developer, one approach is to check out http://nemo.sonarqube.org/ and see what projects you like that also need some cleaning up.
That's fantastic Dylan! Keep up the great work! It would be great if you could update your post and provide a link to your vulnerability scanner project I'm sure it would be of keen interest to many people. :-)