Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Improving SCADA System Security

Introduction Supervisory control and data acquisition (SCADA) networks contain computers and software that perform critical tasks and provide essential servi
Read More
Article

Applied cracking & byte patching with IDA Pro

In the previous IDA Pro article, we took a look at the basics of reverse engineering source code and binary files. This rare dissertation committed to impart
Read More
Article

Learning how to pentest VPNs with VulnVPN

VulnVPN has been created by the author of http://www.rebootuser.com/ and I must say that it is a very good effort. The goal is to gain root access to a VPN s
Read More
Article

LAYER 7 DDOS ATTACKS: DETECTION & MITIGATION

Introduction: Initial Detection/Mitigation Challenges[pkadzone zone="main_top"] Before we go to the main topic of this article, let us take heed of two fact
Read More
Article

Anti- Reverse Engineering (Assembly Obfuscation)

This article illustrates these contents in detail: Abstract Obfuscation The .NET Application Anti-Reversing Implementation Obfuscated Code Analysis MS
Read More
Article

Attacking MS SQL server to gain system access

All systems and database administrators will agree that password complexity does not go very far when it comes to SQL servers. Whether this is done to keep t
Read More
Article

IOS Application Security Part 24 - Jailbreak Detection and Evasion

In this article, we will look at the checks a developer can incorporate in his application to check whether the device on which the application is running is
Read More
Article

Web Services Penetration Testing Part 5: Manual Testing with soapUI

In the previous article, we discussed the importance of manual web services penetration testing, how to perform a manual test using SOA Client, how SOA clie
Read More
Article

Web Services Penetration Testing Part 4: Manual Testing with SOA Client

In the previous article, we discussed the automated tools available for testing web services, how to automate web services penetration testing using differe
Read More
Article

Tracking user activities using web bugs

We live in a world where we're connected to each other by a mouse click and a few keystrokes. It's a revolution that changed the way we live our lives and ru
Read More
Article

Windows 7 Exploitation

Microsoft Windows 7 is much more secure than Microsoft Windows XP. The Windows XP operating system has lots of OS vulnerabilities and the malware infection r
Read More
Article

Web Services Penetration Testing Part 3: Automation with AppScan and Webinspect

In the previous article, we discussed the importance of tools in penetration testing, how automation helps in reducing time and effort, and how to automate
Read More
Article

Windows Systems and Artifacts in Digital Forensics: Part III: Prefetch Files

1. Introduction In this article, I'm going to focus on prefetch files, specifically, their characteristics, structure, points of interest in terms of forensi
Read More
Article

Analyzing malicious PDFs

PDF files have become very common in everyday work. It's hard to imagine business proposals without PDFs. The PDF format is used in almost all companies to s
Read More
Article

.NET reversing with Reflexil

Technically speaking a .NET built software or component (DLL) resembles an executable assembly. That's because it's compiled in MSIL, and you can usually vie
Read More
Article

Exploiting Linux Kernel Heap Corruptions (SLUB Allocator)

1. Introduction In recent years, several researchers have studied Linux kernel security. The most common kernel privilege vulnerabilities can be divided into
Read More
Article

SIM card forensics: An introduction

The SIM (subscriber identity module) is a fundamental component of cellular phones. It also known as an integrated circuit card (ICC), which is a microcont
Read More
Article

IOS Application Security Part 23 - Defending against runtime analysis and manipulation

In the previous articles, we have looked at how we can use debuggers and tools like Cycript to do runtime analysis and manipulation of IOS Applications. We h
Read More
Article

Human Factors in Information Security Management Systems

It is hard to accept that nowadays, organizations get along without having an astute and decisive information system. Providing a reliable and coherence info
Read More
Article

Risk associated with cookies

The Internet is surely the best resource to gather any kind of information about products, shops, customer complaints, user experience, etc. Companies are tr
Read More
Article

Privacy Implications of the Internet of Things

Introduction The term "Internet of Things" refers to the use of the Internet for monitoring, tracking, controlling, and interconnecting everyday objects. Fo
Read More
Article

Tunnelling SSH Traffic

Overview Security plays an important role in our internet world. As the number of users on the internet increases, it's necessary to have secure communicati
Read More
Article

Reversing firmware part 1

The article will explore various strategies for reversing firmware, with some examples. Finally, some best practices are mentioned. Embedded systems and f
Read More
Article

Reverse Engineering with Reflector: Part 1

Abstract This paper intended to teach sophisticated reverse engineering tactics, mainly by using Red Gate Reflector. This article demystifies dissembling and
Read More