Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Invoking Article 51 (self-defense) of the UN Charter in Response to Cyber Attacks - I

Introduction Among the series of problems with regard to the legal regulation of cyber attacks is how the self-defense doctrine applies to them. In itself, t
Read More
Article

Restricting social media at work

Employees using social networks such as Facebook and Google+ may not only waste a lot of their working time, but also spread viruses on their work computers.
Read More
Article

Arbitrary file download: Breaking into the system

What you will learn: Introduction to Arbitrary File Download [pkadzone zone="main_top"] Difference between Arbitrary File Download and LFI/ RFI H
Read More
Article

Using X5S with Fiddler to find XSS Vulnerabilities

Cross Site Scripting is one of the top 10 OWASP security threats. This dangerous vulnerability allows attackers to inject malicious scripts on a website in u
Read More
Article

Demystifying dot NET Reverse Engineering: Advanced Round-trip Engineering

Before going through this article, I highly advice you to read all previous ones in the series since I will not re-explain some techniques and re-describe so
Read More
Article

Tips and Tricks for Using Two-Factor Authentication Technology

Large corporations have been employing two-factor authentication and multi-factor authentication for years to protect against customer identity theft, fraud,
Read More
Article

Security Assessment of Blackberry Applications:

Development of mobile applications have picked up really fast in the last couple of years. Much has been written about the security assessment of iOS & A
Read More
Article

LUKS: Swap, Root and Boot Partitions

The /swap Partition We need to encrypt the swap partition, since we don't want encryption keys to be swapped to an unencrypted disk. To do that we can first
Read More
Article

AAnval - SIEM by Tactical Flex

Aanval by Tactical Flex is an event correlation tool also known as a SIEM. Many governmental agencies require a centralized login system to retain and corre
Read More
Article

Command line for Windows malware and forensics

Abstract: WMIC has completed more than a decade of existence without having the limelight in terms of its features, though windows command line geeks hav
Read More
Article

Wordpress Security for Users

Introduction We all know that Wordpress is the primary CMS system used on the Internet. We also know that security in Wordpress is not always taken for grant
Read More
Article

Using Technology To Enhance Public Safety

This article is focused on the sport football (or soccer in the USA). Nevertheless, the same technology and security measures can be applied in virtually any
Read More
Article

IDA: Jumping, searching and comments

In this tutorial, we will describe the Jump Menu option in Ida Pro. Using the Jump command when analyzing an executable can prove to be a valuable trick in p
Read More
Article

IDA Functions

Ida is a very good disassembler and its automatic analysis upon loading the executable is quite intense and useful, but nevertheless, it can't always be righ
Read More
Article

Identity Theft: The Means, Methods and Recourse

Introduction Identity theft occurs when a person uses the identity of another person with the intent to obtain benefits illegally. The victim of the identity
Read More
Article

Hide your Online Identity with Whonix

The primary reason for writing this is to educate journalists and investigators who want to fight crime anonymously. However, the contents of this article ca
Read More
Article

Fun with email headers

Email is still, to this day, the most used method of online communication. Even though many people predicted email would eventually get replaced by instant m
Read More
Article

IDA: Cross references / Xrefs

Cross references can help us determine where certain functions were called from, which can be useful for a number of reasons. Let's say that we found the fun
Read More
Article

Interview: CEO Mark Aiello of The Revolution Group

[caption id="attachment_14278" align="alignleft" width="169"] Mark Aiello[/caption] secureRevGroup, a Wakefield, Massachusetts-based information security pro
Read More
Article

Differences between the privacy laws in the EU and the US

Everything we do in the Internet leaves digital fingerprints. Therefore, it is only logical that many web users are worried about the issue of privacy. Their
Read More
Article

Leveraging the command line for windows: malware analysis and forensics. Part I

cmd.exe - Leveraging the command line for windows: malware analysis and forensics. Part I Abstract : The command prompt for windows is a dark horse of sort
Read More
Article

NMAP Scripting Engine and Categories

1. Introduction We all know what Nmap is and what we can do with it, but for those of you who don't, here's a short overview. Nmap is an open source security
Read More
Article

Demystifying dot NET reverse engineering: Introducing Round-trip engineering

Introduction After covering the basics of dot NET reverse engineering in first articles (refer to the references), it's time to go more in depth of the dot
Read More
Article

What is an SQL Injection? SQL Injections: An Introduction

New SQL Injection Lab! Skillset Labs walk you through infosec tutorials, step-by-step, with over 30 hands-on penetration testing
Read More