Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Raising a Rogue Access Point

Introduction Before beginning this article I want to clear up some stuff about awareness. Everything that is going to be described in this article must be
Read More
Article

The Rise of Cyber Weapons and Relative Impact on Cyberspace

Once upon a time we lived in a world in which wars were fought by brave soldiers who faced each other in furious combat in a way that today we would find it
Read More
Article

Three Ways to Defeat a ReverseMe

Introduction What is a « ReverseMe »? [pkadzone zone="main_top"] [pkadzone zone="main_top"] Disassembling or debugging commercial programs is usually prohib
Read More
Article

Fuzzing Vulnserver with Sulley: Part 3

1. Introduction Vulnserver is a vulnerable server written by Stephen Bradshaw whose blog is located here: grey-corner. This server was written intentionally
Read More
Article

Fuzzing Vulnserver: Discovering Vulnerable Commands: Part 1

1. Introduction Vulnserver is a Windows TCP server running on port 9999. It was written by Stephen Bradshaw whose blog is located here. The server was intent
Read More
Article

Getting Your Hands Dirty in x86 Assembly Code

For those of you who have been following my eventful career, you already know that this is actually my second published tutorial. Just to bring you up to dat
Read More
Article

Linux TPM encryption: Initializing and using the TPM

Initializing the TPM To secure our data we must first initialize the TPM. What we're actually doing is changing the settings of the hardware TPM chip modu
Read More
Article

Packet Filtering

1. Packet Filtering Introduction This tutorial will talk about packet filtering. First we must define what packet filtering is. Packet filtering is a process
Read More
Article

Security Categories

1. Introduction I've been a security enthusiast for years now, and currently I'm working as a security penetration tester. Over the years it has happened
Read More
Article

Linux TPM encryption: Enabling TPM in BIOS and Kernel

The TPM stands for the Trusted Platform Module, which is a secure microprocessor that can store cryptographic keys that are further used to encrypt/decrypt d
Read More
Article

Good Programming Techniques - S.O.L.I.D. and Three-layer Architecture

A lot of people wonder how to approach writing code. So I decided to write on this topic in a few articles. Here's the first one, I hope that it will be inte
Read More
Article

Manual packet analysis

In this tutorial, we will learn how to read a packet header. It's not very common to inspect packet fields, but it is important to know how to read and inspe
Read More
Article

How to Use Iptables

1. Introduction First we must mention that iptables is a Linux kernel firewall, which is why we can categorize it with the picture below:[pkadzone zone="main
Read More
Article

Penetration Testing with the Joomla Security Scanner

Joomla Security Scanner Joomla Security Scanner Detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla Websites. It wil
Read More
Article

Security for Small and Medium Enterprises, Part 1

Those trained and experienced in the Information Security area know all about IDS systems, biometric security, Disaster Recovery systems, and all the other e
Read More
Article

Antivirus Evasion: The Making of a Full, Undetectable USB Dropper / Spreader

Some Basics and Overview Usually when we talk about bypassing antivirus software, and especially when we talk about antivirus programs like NOD32, Kaspersky
Read More
Article

Introduction to Controlling the Integrity of the File System

Do you remember my article about physical security? If so, this article can be seen as its development. If there it is more focused on the security of an org
Read More
Article

IronWASP Part 1

IronWASP stands for Iron Web application Advanced Security testing Platform, and was developed by Mr.Lavakumar Kuppan. It is an open source system and is mai
Read More
Article

Noobz guide for setting up a vulnerable lab for Pentesting

Most of the people I know who are new to penetration testing want to hone and enhance their skills, but they have problems like: They don't have a tar
Read More
Article

Backups. What will happen to your data?

If you woke up tomorrow morning and found that your computer or portable device wouldn't turn on, or had been stolen, what would you do? I'm a computer troub
Read More
Article

Installing and Running the Honeypot

This article is in continuation of Part 1 of the series on Ghost USB Honeypot. Malware threats have become very common these days and hence the need of honey
Read More
Article

How to Break Simple Software Protections

Some software developers are really lazy when it comes to protecting their products, and in some cases, the protection they implement (just like most "infamo
Read More
Article

Drupal Security Notes

Drupal is one of the most popular free and open source web application frameworks. Drupal is almost infinitely extensible through not only various theme poss
Read More
Article

Best Practices When Creating Passwords

I understand perfectly well that the InfoSec website has often discussed the use of good algorithms for hashing passwords. But these articles were usually ve
Read More