Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

API hooking and DLL injection on Windows

Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/proteansec. [pkadzone zon
Read More
Article

Using CreateRemoteThread for DLL injection on Windows

Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/proteansec . [pkadzone zo
Read More
Article

QR Code: USSD attack

The QR code or Quick Response code was originally designed for industrial applications, and has quickly gained popularity in the advertising industry. With t
Read More
Article

Data Exfiltration Techniques

Introduction In this article we will see how malware encode or encrypt data that's exfiltrated to the Command and Control Server from infected machines. Thi
Read More
Article

L-7 Protocol analysis

Traditional intrusion detection systems have always relied on protocol specific analysers to extract the context of the traffic stream. Basically, an intrusi
Read More
Article

Visual Studio and Build Process

Introduction Each DLL contains various exported functions that can be accessed by other programs. DLLs are being extensively used because the DLL is loade
Read More
Article

PayPal: Chargebacks and Dispute Resolution

Introduction PayPal Inc. is a global provider of online payment services established in 1998 in Palo Alto, California. In 2012, PayPal Inc. generated a to
Read More
Article

The ASP.NET Internals

ASP.NET Configuration Options The most important configurations in the web.config file will be described in this section:[pkadzone zone="main_top"] <authe
Read More
Article

Phishing and Social Engineering Techniques 2.0

This is the second part of the phishing and social engineering techniques series. In the first article, we have discussed what phishing is, as well as differ
Read More
Article

The Top 10 Internet Resources to Use After Suffering a Cyber Breach

Most cyber breaches into your online presence will be directed at your website server and its accompanying databases or accounts. And, if you've been the vic
Read More
Article

Cyber Kill Chain is a Great Idea, But is It Something Your Company Can Implement?

Lysa Myers, Virus Hunter, Intego If you're one of those folks who read a lot of InfoSec news, you've no doubt heard a lot of mention of the effectiveness of
Read More
Article

OWASP’s 2013 Web Vulnerabilities List Will Shuffle the Top Ten

[highlight color="blue"]Interested in formal OWASP Top 10 Training? Check out our  OWASP Top 10 Training course OWASP Top 10 Training. [/highlight] The OWASP
Read More
Article

Delegates and Events: C#, Net 4.0

Abstract In this article, you will learn how to create and manipulates Delegate types as well as C# events, which streamline the process of working with dele
Read More
Article

Vulnerability Assessment of SNMP Service – II

Background: This is our second article in a series on vulnerability assessment of SNMP Service. In the previous article, we learned how we could set up a SN
Read More
Article

The Sysenter Instruction Internals

Introduction In the previous article we've seen that whether we're using the int 0x2e interrupt or sysenter instruction, the same method in kernel is being u
Read More
Article

Stress testing your wireless network

In order to overcome physical limitations of wired connections, a lot of us prefer wireless connections. It reminds me of when I had my Sony PlayStation
Read More
Article

Anatomy of a VB Virus

Introduction In this article, we will look in depth at a virus written in Visual Basic. We look at various techniques used by this virus to deter the process
Read More
Article

Open Source .NET: Platform-Independent .NET Application Development with MONO – part one

Abstract Over the years, the Linux operating system has become more popular among the developer community due to a significant cost advantage over proprietar
Read More
Article

Pentesting distributions and installer kits for your Raspberry Pi

Raspberry Pi for pwning and penetration testing? Of course! Why not? As an introduction, Raspberry Pi is an ARM GNU / Linux box or a credit card size mini co
Read More
Article

Vulnerability Assessment of SNMP Service – I

Background: This is the first article out of a series of articles that I am planning to write on vulnerability assessment of SNMP Service. SNMP – also known
Read More
Article

Introduction to Kernel Debugging with Windbg

Introduction You've probably heard about Windbg before, right? It's a Windows debugger written by Microsoft that's used by developers and hackers for debuggi
Read More
Article

E -Money Fraud

1. Introduction Electronic money (e-money) is the digital equivalent of cash that is stored on an electronic device or remotely at a server. It is a relativ
Read More
Article

Form Authentication: ASP.NET Security Part 3

Abstract In the previous articles, you have learned about Windows Authentication and Code Access Security. This article's objective is to further understandi
Read More
Article

Presenting the PE Header

Let's present the whole PE file structure with the picture below (taken from [5]): [pkadzone zone="main_top"] At the beginning there's a DOS header, which is
Read More