Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Steganography and Steganalysis: Common Image Formats and LSB Part 2

JPEG One of the most common image formats is JPEG. It surely deserves a particular discussion, and, in addition, it's very frequently used as Cover Media, in
Read More
Article

IOS Application Security Part 26 - Patching IOS Applications using IDA Pro and Hex Fiend

In the previous applications we have looked at how we can hijack method implementations during runtime using Cycript, and even change the logic of the code r
Read More
Article

Unordinary Predictions for Information Security in 2014

Introduction The year is closing and it's time for prediction of the evolution of the security landscape in 2014. It's easy to predict an increase in the vol
Read More
Article

Steganography and Steganalysis: Common Image Formats and LSB

Part 1: Introduction The information revolution, which resulted in the Internet and in modern communication technologies, has pushed our society more and mor
Read More
Article

Legality of DDoS: Criminal Deed vs. Act of Civil Disobedience

Introduction This article was inspired by two factors: 1) the petition filed by Anonymous on the White House's We the People website in the beginning of 2013
Read More
Article

Firewall Unleashed

Introduction Firewalls are used to control the inbound and outbound traffic on a protected network. They have an ability to block and allow the internal as w
Read More
Article

Android Application Penetration Testing: Setting up, Certificate Installation and GoatDroid Installation

To begin with mobile application penetration testing on the Android platform, we have multiple tools available that can be easily downloaded and installed to
Read More
Article

Vulnerability Scanning with Metasploit Part I

Metasploit Framework, the Metasploit Project's best-known creation, is a software platform for developing, testing, and executing exploits. It can be used to
Read More
Article

IOS Application Security Part 25 - Secure Coding Practices for IOS Development

In this article, we will look at some of the best practices an IOS developer should follow in order to make sure that their application is not easily exploit
Read More
Article

Shadow Network

Part I I. Introduction[pkadzone zone="main_top"] Similarly to the real real-life situation where a GhostNet report is followed by the one on the Shadow netwo
Read More
Article

Invalid SSL certification exploitation

Internet usage is growing dramatically, but the vast majority of Internet users don't have any security backgrounds. Nor do a large majority of companies car
Read More
Article

Improving SCADA System Security

Introduction Supervisory control and data acquisition (SCADA) networks contain computers and software that perform critical tasks and provide essential servi
Read More
Article

Applied cracking & byte patching with IDA Pro

In the previous IDA Pro article, we took a look at the basics of reverse engineering source code and binary files. This rare dissertation committed to impart
Read More
Article

Learning how to pentest VPNs with VulnVPN

VulnVPN has been created by the author of http://www.rebootuser.com/ and I must say that it is a very good effort. The goal is to gain root access to a VPN s
Read More
Article

LAYER 7 DDOS ATTACKS: DETECTION & MITIGATION

Introduction: Initial Detection/Mitigation Challenges[pkadzone zone="main_top"] Before we go to the main topic of this article, let us take heed of two fact
Read More
Article

Anti- Reverse Engineering (Assembly Obfuscation)

This article illustrates these contents in detail: Abstract Obfuscation The .NET Application Anti-Reversing Implementation Obfuscated Code Analysis MS
Read More
Article

Attacking MS SQL server to gain system access

All systems and database administrators will agree that password complexity does not go very far when it comes to SQL servers. Whether this is done to keep t
Read More
Article

IOS Application Security Part 24 - Jailbreak Detection and Evasion

In this article, we will look at the checks a developer can incorporate in his application to check whether the device on which the application is running is
Read More
Article

Web Services Penetration Testing Part 5: Manual Testing with soapUI

In the previous article, we discussed the importance of manual web services penetration testing, how to perform a manual test using SOA Client, how SOA clie
Read More
Article

Web Services Penetration Testing Part 4: Manual Testing with SOA Client

In the previous article, we discussed the automated tools available for testing web services, how to automate web services penetration testing using differe
Read More
Article

Tracking user activities using web bugs

We live in a world where we're connected to each other by a mouse click and a few keystrokes. It's a revolution that changed the way we live our lives and ru
Read More
Article

Windows 7 Exploitation

Microsoft Windows 7 is much more secure than Microsoft Windows XP. The Windows XP operating system has lots of OS vulnerabilities and the malware infection r
Read More
Article

Web Services Penetration Testing Part 3: Automation with AppScan and Webinspect

In the previous article, we discussed the importance of tools in penetration testing, how automation helps in reducing time and effort, and how to automate
Read More
Article

Windows Systems and Artifacts in Digital Forensics: Part III: Prefetch Files

1. Introduction In this article, I'm going to focus on prefetch files, specifically, their characteristics, structure, points of interest in terms of forensi
Read More