Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Pentester’s Guide to IoT Penetration Testing

IoT penetration testing specifics from a certified ethical hacker with 5+ years of experience. With the growing risk to IoT security, penetration testing ve
Read More
Article

GCIH certification overview

The GIAC Certified Incident Handler (GCIH) is one of the most prestigious certs for IT professionals who are starting their journey into the world of Inciden
Read More
Article

Video Tutorial - Paraben E3 Platform and Mobile Phone Forensics

Transcription Chris S., InfoSec Institute: Hello and welcome to today's weekly video from Infosec Institute. This week we'll be doing something a little
Read More
Article

Security+: Deploying Mobile Devices Securely - 5 Top Tips [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Security+: Technologies and Tools - SIEM [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Security+: technologies and tools - Access point [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Security+: Technologies and Tools - Load Balancer [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Security+: Technologies and Tools - Proxy [DECOMMISSIONED ARTICLE]

NOTE: This article reflects an older version of the Security+ Exam – please see the current Security+ Certification page for the most up-to-date information.
Read More
Article

Security vulnerabilities of cryptocurrency exchanges

  1. Introduction Many experts argue that cryptocurrencies may radically change not only the financial sector but also the way society operates. The rea
Read More
Article

PowerShell For Pentesters Part 2: The Essentials of PowerShell

Introduction PowerShell represents one of the most interesting and powerful languages for a pentesting purpose as we explained in the first part of this lab
Read More
Article

What Does Compliance With OWASP Really Mean for Financial Institutions?

The latest Cost of Cyber Crime study by Accenture found financial services among the most targeted and vulnerable industries, with breaches tripling over the
Read More
Article

Kioptrix VMs challenge walkthrough

In this article, we will walk through all the basic Kioptrix VMs (total 5) which are available on vulnhub.com. The difficulty level of all these machines is
Read More
Article

USV: 2017 Part 1 CTF Walkthrough

In this article, we will learn to solve another Capture the Flag (CTF) challenge which was posted on VulnHub by "Suceava University." As you may already know
Read More
Article

Beginner’s guide to Pentesting IoT Architecture/Network and Setting up IoT Pentesting Lab - Part 2

This is the 2nd part in Pentesting and Setting up our own IoT Lab. I hope you have gone through the first part. If not, please go through it. Pentesting and
Read More
Article

Beginner’s Guide to Pentesting IoT Architecture/Network and Setting Up IoT Pentesting Lab - Part 1

In this post, I will explain how to pentest an IoT Network/Architecture. Also, I will explain how to set up an IoT Pentesting lab for getting started with Io
Read More
Article

Gmail Phishing Scams You Need to Know About

Google Account Security Checkup by Wesley Fryer via Flickr. Licensed under CC BY 2.0 [pkadzone zone="main_top"] While Google has set up a war room
Read More
Article

Mirai botnet evolution since its source code is available online

Mirai – The evolving IoT threat Since the release of the source code of the Mirai botnet, crooks have improved their own versions by implementing new functio
Read More
Article

The top 15 must-have books in InfoSec

An essential part of building information security (InfoSec) professionals' expertise is played by hands-on experience and years of activity. However, a soli
Read More
Article

Top threats to online voting from a cybersecurity perspective

Last year, NASA set up an online voting campaign to pick a name for an astronomical object, a small ice-covered asteroid roving through a remote part of the
Read More
Article

And Again, About Storing Passwords

When the question of storing passwords arise, the first idea is to simply keep them in clear text in the corresponding table in the database. However, in 201
Read More
Article

Gaining Shell Access via UART Interface Part 3

This is the 3rd post in IoT-Hacking-Shell-via-UART series. I hope you have gone through the first two parts. If not, please go through them. In this part, I
Read More
Article

The Decline of Ransomware and the Rise of Cryptocurrency Mining Malware

1. Introduction ISACA, an international association focused on IT governance, has recently released its annual study "State of Cybersecurity." The study rela
Read More
Article

Mechanics Behind Ransomware-as-a-Service

Introduction Ransomware is an increasingly serious concern, and this problem is getting worse over time. Initially, this malware began to compromise fixed ta
Read More
Article

Gaining Shell Access via UART Interface Part 2

This is the 2nd post in IoT-Hacking-Shell-via-UART series. I hope you have gone through the first part. If not, please go through it. In this post, I will co
Read More