Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Socket Programming

Introduction This article will give you a broad understanding of key networking concepts, such as ISO stack and TCP/IP, and how applications can logically an
Read More
Article

Password Cracking Evolution

In this article, my goal is to show the evolution in password cracking era how hackers/crackers cracked passwords around 10 years ago and how they are cracki
Read More
Article

.NET Assembly Programming

Abstract In this series, we'll examine the core details of creating, deploying and configuring .NET assemblies and its advantage over existing COM technolog
Read More
Article

Fitting cyber attacks to jus ad bellum — Target-based approach

I. Essence The target-based is the second approach that theorists and practitioners use to tuck cyber warfare into the unfitting law framework that jus ad be
Read More
Article

Confessions of an Identity Thief

Note: This is the first in a series of articles written by a convicted felon currently serving 57 months in a federal correctional institution for identity t
Read More
Article

Common Vulnerability Scoring System

1. Introduction This article presents an open framework for scoring IT vulnerabilities— the Common Vulnerability Scoring System (CVSS) Version 2.0. It introd
Read More
Article

.NET Reverse Engineering-1:CIL Programming

Introduction The prime objective of this article is to confront with the .NET mother tongue language termed as Common Instruction Language (CIL) which laid d
Read More
Article

Fitting cyber attacks to jus ad bellum — Instrument-based approach

Introduction The coming of new technologies is challenging to many fields of human activity. In particular, there is a discrepancy between IT and the laws
Read More
Article

IOS Application Security Part 8 - Method Swizzling using Cycript

In the previous article, we looked at how we can install custom apps on our device without a developer certificate. In this article, we will look at how we c
Read More
Article

Programming with COM

Abstract This article commences by taking a brief backward glimpse at COM then compares it with the way that components interact in .NET, and finally it tak
Read More
Article

The Palantir Technologies model, lights and shadows on a case of success

Introduction In this article one of the most debated intelligence company is presented: the Palantir Technologies, a firm that is recognized as one of most b
Read More
Article

IOS Application Security Part 7 - Installing and Running Custom Applications on Device without a registered developer account

Usually, to test apps on a device, you need to be a registered developer which costs about $99/year. For people who want to learn IOS Application security, i
Read More
Article

Botnets Unearthed – The ZEUS BOT

Zeus, also known as ZBot/WSNPoem, is famous for stealing banking information by using man in the browser keystroke logging and form grabbing. As the term sug
Read More
Article

Windows Memory Protection Mechanisms

Introduction When trying to protect memory from being maliciously used by the hackers, we must first understand how everything fits in the whole picture. Let
Read More
Article

Encryption – Anything to Declare?

Encryption is a great tool for reducing risks of the loss and interception of data. Encryption technology it has become increasingly deployable and powerful
Read More
Article

Using OSINT in Your Business

How could organisations leverage open-source intelligence to gain more insight into their cyber threats? It seems that many organisations, including some of
Read More
Article

IOS Application Security Part 6 - New Security Features in IOS 7

As we all know, Apple recently introducted its new version of IOS at WWDC 2013 with a completely redesinged User Interface. If you haven't seen it yet, check
Read More
Article

Project Artemis – OSINT activities on Deep Web

Introduction During the last months I was a member of the board for a project titled Artemis, a research project that I started with my co-author Richard Amo
Read More
Article

The ZeroAccess Botnet Revealed

There has been a large spread of Botnet-related threats in the web world recently. Now when we talk about botnets, it is basically a collection of code linke
Read More
Article

What is Bitcoin?

Bitcoin is a digital currency or, we might say, electronic cash that uses peer-to-peer technology for transactions. Here peer-to-peer means it is not managed
Read More
Article

Heap overflow: Vulnerability and heap internals explained

A heap overflow is a form of buffer overflow; it happens when a chunk of memory is allocated to the heap and data is written to this memory without any bound
Read More
Article

Cracking the Maze of Advanced Persistent Threats!

Advanced Persistent Threats, as the name suggests, are advanced, persistent and deadly in their nature. The ghost of APTs can affect any organization at any
Read More
Article

PRISM – Facts, Doubts, Laws and Loopholes

Introduction Edward Snowden is the name of a 29-year-old technical assistant for the Central Intelligence Agency who disclosed the largest surveillance prog
Read More
Article

C# Multithreading Example

Introduction The term "multithread programming" may sound complicated, but it is quite easy to do in C#.net. This article explains how multithreading works o
Read More