Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Methods for attacking full disk encryption

Full disk encryption is part of cryptography that uses mathematical structures and operators. Cryptography and cryptanalysis functions are used in modern sof
Read More
Article

Introduction to Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) uses mathematical structures and operators. Cryptography and cryptanalysis functions are us
Read More
Article

Infosec Skills Author Jason Welsh shares his passion for Linux and Cybersecurity

Infosec Skills author Jason Welsh on his passion for Linux
Read More
Article

Exploiting NFS share [updated 2021]

Recently, while performing a network-level penetration testing activity for one of the clients, I came across a vulnerability which was used to compromise al
Read More
Article

CGEIT certification exam: overview of domains [Updated 2021]

Introduction When it comes to IT governance, organizations hope to find professionals who can help ensure their operations adhere to specific industry regul
Read More
Article

Presidential: 1 CTF walkthrough part 1

Information shared in this article is intended for educational purposes only. Infosec and the author are not responsible for nefarious actions associated wit
Read More
Article

Application sideloading in Windows 10

Application Sideloading Windows 10 security is a constantly evolving and update process. Data security in Windows 10 starts with a high encryption, using Bi
Read More
Article

Phishing with Google Forms, Firebase and Docs: Detection and prevention

The COVID-19 pandemic spurred a massive shift toward telework as companies tried to both stay operational and safe. One of the biggest impacts of this shift
Read More
Article

Web Browser Security in Windows 10

Web Browser Security Windows 10 browser security is a constantly evolving and update process. Data security in Windows 10 starts with a high encryption, usi
Read More
Article

Microsoft’s Project OneFuzz Framework with Azure: Overview and concerns

In September 2020, the Microsoft Security Team announced that Microsoft’s new open-source fuzzing platform, Project OneFuzz, was available as an open-source
Read More
Article

Stantinko Trojan: What it is, how it works and how to prevent it | Malware spotlight

The number of threats attacking Linux systems have exploded in recent days. Within this context, a botnet that impacted several countries in the past, includ
Read More
Article

How to control the flow of a program in x86 assembly

Learn about x86 assembly instructions you can use to control the flow of a program in the ninth article in our x86 assembly series.
Read More
Article

Top 25 vulnerabilities exploited by Chinese nation-state hackers (NSA advisory)

Introduction China is considered a world leader in cybercrime. It is amongst “the most hacker-active countries” in terms of intensity of outgoing attack tra
Read More
Article

Mitigating MFA bypass attacks: 5 tips for developers

Introduction App developers have enough reasons to integrate multi-factor authentication (MFA) into their offerings. Passwords just don’t do the trick, as t
Read More
Article

5 benefits of paying for an employee's professional certification

There are many reasons an employee may want professional certification: personal sense of achievement, an increase in salary or status, promotion or speciali
Read More
Article

How to diagnose and locate segmentation faults in x86 assembly

Get an overview of how segmentation faults can occur in x86 assembly and C in the eighth article in our x86 assembly series.
Read More
Article

How to use the ObjDump tool with x86

Learn about ObjDump by running it against a simple Hello World program in the seventh article in our x86 assembly series.
Read More
Article

Deception technologies: 4 tools to help you identify threats and mitigate risks

Introduction Deception technologies have come a long way from the days when honeypots were used to analyze attacker behavior. Today’s deception tools contai
Read More
Article

Debugging your first x86 program

Learn how to debug an x86 assembly program using GDB, one of the most popular debuggers available, in the sixth article in our x86 assembly series.
Read More
Article

6 key elements of a threat model

How to identify threats and discover vulnerabilities with threat modeling Threat modeling is a process for threat discovery and risk management. Any system
Read More
Article

Best cyber ranges for cybersecurity professionals and teams

According to one count, there are 3.5 million unfilled cybersecurity jobs across the country. Solving the skills shortage in a time of growing cyber threats
Read More
Article

How to build a program and execute an application entirely built in x86 assembly

Learn how to build a program and execute an application entirely built in x86 assembly in the fifth article in our x86 assembly series.
Read More
Article

Overview of common x86 instructions

Get an overview of common x86 instructions and how to use them in the fourth article in our x86 assembly series.
Read More
Article

Top threat modeling frameworks: STRIDE, OWASP Top 10, MITRE ATT&CK framework and more

Threat modeling is an exercise designed to identify the potential threats and attack vectors that exist for a system. Based upon this information, it is poss
Read More