Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

How Phishing Attacks Bypass Spam Filters

A successful phishing campaign has at least three common denominators, which are accurate target information, successful message delivery, and execution of t
Read More
Article

Meeting Invite Phishing Attacks- Templates and Examples

It is possible that your organization can be phished by avenues other than email. Social-engineering attacks are part technical but mostly psychological and
Read More
Article

Domain Fronting

In this article, we are going to learn about a very interesting and powerful technique known as Domain Fronting which is a circumvention technique based on H
Read More
Article

The Internet Drafts and Security Issues Around a Virtual Private Network Infrastructure

All of our articles in this series have reviewed what a Virtual Private Network Infrastructure is all about. Essentially, it is simply another layer of Secur
Read More
Article

Lynis: Walkthrough

Lynis is an open-source security audit tool used to check the security of Linux and UNIX based systems. Since it is self-hosted, it performs extensive securi
Read More
Article

China’s New Cyber Security Law

1Section 1. Introduction Regional regulations on data transfers, such as the U.S.-E.U. Privacy Shield framework, have a significant impact on the cross-bord
Read More
Article

Memory Forensics: Enumeration

In Part 1 of this article, we have looked at the memory forensics power during the enumeration of forensically important objects like PROCESS, VAD nodes, MEM
Read More
Article

Understanding Security Risk Concepts

Understanding and analyzing the various risk factors to network security is of the utmost importance in information technology. Categorizing various risks, i
Read More
Article

Steganography - Don’t judge a book by its cover

Steganography is the art of hiding data in hiding data within non-secret text or data. A file, message, image, or an audio file can can be concealed within a
Read More
Article

Memory Forensics Power: An Introduction

Since we live in a digital world, it becomes utmost important for digital environment to be secure so that we can operate safely and reliably. So often we ha
Read More
Article

Hackerfest Sedna CTF Walkthrough

Sedna is the second and medium level CTF from Hackerfest. We hosted the VM in Virtual box and ran nmap on its target IP. [pkadzone zone="main_top"] As can
Read More
Article

Keeping your Security Awareness Training up to Date

The more you perform phishing simulation training your users become more and more security-conscious and thereby more aware of the basic phishing symptoms su
Read More
Article

The Rise of the IoT Botnet: Beyond the Mirai Bot

In the beginning, it was the Mirai botnet IoT botnets are probably one of the most dreaded menaces in the threat landscape, poorly configured and flawed 'Int
Read More
Article

SAP HANA Platform Security

After we embraced the security of SAP ABAP and Java platforms, now it's SAP HANA Platform's turn. You will learn the most important notes about its security,
Read More
Article

Minotaur CTF Walkthrough

Minotaur is a boot2root CTF. Once you load the VM, treat it as a machine you can see on the network, i.e. you do not have physical access to this machine.
Read More
Article

Targeting WSUS Server

(For the first part of the series, From APK to Golden Ticket, see here ) Two servers were eligible for reaching a stable remote shell goal. The servers: WSUS
Read More
Article

Exploiting Protostar – Stack 0-3

In this article, we will be reverse engineering and exploiting simple C programs from Protostar VM by exploit-exercises.com. We will be mainly focusing at ho
Read More
Article

Hackerfest Quaoar CTF Walkthrough

Quaoar is the first and easiest CTF from Hackerfest. We hosted the VM in Virtual box and ran nmap on its target IP. [pkadzone zone="main_top"] As can be seen
Read More
Article

Top 7 Questions to Ask Your Vendors about Their Security Policies

Cyber security is one of the most critical issues the U.S. faces today. The threats are real, and the need is pressing. The cyber security status is unstable
Read More
Article

How Security Awareness Training Can Protect Small Businesses

Small businesses are progressively utilizing information technology in business processes, but aren't doing it securely. In essence, they do not believe adve
Read More
Article

Advanced IronWASP

In Part 1, we saw what all IronWASP is capable of and how it handles a single page scan. In Part 2, we shall see how it reacts to a complex web application o
Read More
Article

Machine learning for malware detection

Machine Learning is a subfield of computer science that aims to give computers the ability to learn from data instead of being explicitly programmed, thus le
Read More
Article

IronWASP: An introduction

Security scanners have always played an important role during penetration testing. It helps save a lot of resources as automated testing plays a big role in
Read More
Article

SAP NetWeaver J2EE Platform Security

In the previous article, we discussed SAP NetWeaver ABAP Platform and its vulnerabilities. Today's topic is the J2EE platform, its architecture, vulnerabilit
Read More