Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

.NET Memory Internals

Abstract This article delves into various aspects of memory access and management. There are distinctive categorizations of memory, for instance static data
Read More
Article

Writing Your Own Parser

Writing Data Format Parsers [pkadzone zone="main_top"] Abstract File format parsing and converting for further processing is a fundamental activity in many
Read More
Article

Fitting cyber attacks to jus ad bellum — Consequence-based approachPart III

I. Criticism and possible flaws of consequence-based approach and seven-factor test There are people from the field of law, and not only, who do not think t
Read More
Article

Geocoding Router Log Data

Any good piece of malware eventually has to phone home. What good is collecting your dirty little secrets if it can't capitalize on them? This article will h
Read More
Article

Cybercrime as a Service

Reading about cybercrime, it is very easy to find terms such as attacks-as-a-service, malware-as-a-service and fraud-as-s-Service, that are commonly used to
Read More
Article

Extreme .NET Reverse Engineering - 5

Introduction We have done lots of IL grammar so far. As I warned you earlier, Reverse engineering could be exercising both offensive and defensive motives.
Read More
Article

Fitting cyber attacks to jus ad bellum — Consequence-based approach Part II

The consequence-based duo tests The focus of this contribution is placed on two tests which employ the consequence-based approach that, in turn, aims to cat
Read More
Article

IOS application security part 12 - Dumping keychain data

In the previous article, we looked at the different ways in which we could analyze the network traffic and the api calls being made through an IOS applicatio
Read More
Article

Fitting cyber attacks to jus ad bellum — Consequence-based approach Part I

Introductory presentation While still reviewing the instrument-based theory, there was a slight allusion at some point that oftentimes from practical reason
Read More
Article

Content Spoofing

According to WhiteHat Security's annual study of about 15,000 websites, 86% had at least one serious hole that hackers could exploit, and content spoofing is
Read More
Article

Extreme .NET Reverse Engineering - 4

Introduction We shall explore round-trip engineering, which is one of the most advanced tactics to disassemble IL code in order to manipulate reverse engine
Read More
Article

.NET Reverse Engineering – 3

Introduction We have taken tour of the syntax and semantics of raw CIL up till now. In this article, we shall be confronted with the rest of implementation
Read More
Article

IOS Application Security Part 11 - Analyzing Network Traffic over HTTP/HTTPS

In the previous article, we looked at IOS filesystem and forensics. In this article, we will be looking at how we can analyze the network traffic flowing acr
Read More
Article

Rootkits On Your Smartphone

While security of mobile operating systems is one of the most researched topics today, exploiting and rootkitting ARM-based devices gets more and more intere
Read More
Article

Confessions of an Identity Thief – Part 2

The saga continues. Now things get really interesting. In our last episode our identity thief had successfully procured a check made out to the dealership fo
Read More
Article

IOS Application Security Part 10 - IOS Filesystem and Forensics

In this article, we will be looking at the IOS filesystem, understand how the directories are organized, look at some important files, and look at how we can
Read More
Article

.NET Reverse Engineering –Part 2

Introduction The first Article of this series touched the most significant aspect of the MSIL code Instructions, for instance, how a program written in ILAS
Read More
Article

Facebook Technologies

As in any other field, for a win, we should take a look at the successful stories and case studies around us. In this article I would like to talk about opti
Read More
Article

How Edward Snowden protected information … and his life

Who is Edward Snowden? Edward Snowden is the man who changed the history of the Internet; he revealed information on the largest and most secret surveillance
Read More
Article

The Mobile Device Management Saga: An SIEM (Security Information Event Management) perspective

Wikipedia defines Mobile Device Management (MDM) solutions as solutions that secure, monitors and supports mobile devices, deployed across various Mobile ser
Read More
Article

Password Auditing Explained

Why Audit?  Harriet Beecher Stowe is credited with the quote "Human nature is above all things lazy" - while I prefer to think of myself as 'efficient' rathe
Read More
Article

Means and Methods of Web Tracking: Its effects on privacy and ways to avoid getting tracked

 1. Introduction Below, we will discuss the reasons that incited people, businesses and governmental agencies to employ web tracking, detailed and basic meth
Read More
Article

Fitting cyber attacks to jus ad bellum — Consequence-based approach, Part III

1. Criticism and Possible Flaws of Consequence-Based Approach and Seven-Factor Test There are people from the field of law, and not only from that field, wh
Read More
Article

IOS Application Security Part 9 - Analyzing Security of IOS Applications using Snoop-it

In some of the previous articles, we have looked at how we can dump class information of IOS apps using class-dump-z, hook into the runtime using Cycript and
Read More