Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Analyzing malicious PDFs

PDF files have become very common in everyday work. It's hard to imagine business proposals without PDFs. The PDF format is used in almost all companies to s
Read More
Article

.NET reversing with Reflexil

Technically speaking a .NET built software or component (DLL) resembles an executable assembly. That's because it's compiled in MSIL, and you can usually vie
Read More
Article

Exploiting Linux Kernel Heap Corruptions (SLUB Allocator)

1. Introduction In recent years, several researchers have studied Linux kernel security. The most common kernel privilege vulnerabilities can be divided into
Read More
Article

SIM card forensics: An introduction

The SIM (subscriber identity module) is a fundamental component of cellular phones. It also known as an integrated circuit card (ICC), which is a microcont
Read More
Article

IOS Application Security Part 23 - Defending against runtime analysis and manipulation

In the previous articles, we have looked at how we can use debuggers and tools like Cycript to do runtime analysis and manipulation of IOS Applications. We h
Read More
Article

Human Factors in Information Security Management Systems

It is hard to accept that nowadays, organizations get along without having an astute and decisive information system. Providing a reliable and coherence info
Read More
Article

Risk associated with cookies

The Internet is surely the best resource to gather any kind of information about products, shops, customer complaints, user experience, etc. Companies are tr
Read More
Article

Privacy Implications of the Internet of Things

Introduction The term "Internet of Things" refers to the use of the Internet for monitoring, tracking, controlling, and interconnecting everyday objects. Fo
Read More
Article

Tunnelling SSH Traffic

Overview Security plays an important role in our internet world. As the number of users on the internet increases, it's necessary to have secure communicati
Read More
Article

Reversing firmware part 1

The article will explore various strategies for reversing firmware, with some examples. Finally, some best practices are mentioned. Embedded systems and f
Read More
Article

Reverse Engineering with Reflector: Part 1

Abstract This paper intended to teach sophisticated reverse engineering tactics, mainly by using Red Gate Reflector. This article demystifies dissembling and
Read More
Article

IOS Application Security Part 22 - Runtime Analysis and Manipulation using GDB

In this article, we will look at how we can use GDB to perform runtime analysis of IOS applications. In the previous articles, we have looked at how we can u
Read More
Article

How Classified NSA Exploit tools RADON and DEWSWEEPER Work

The NSA FoxAcid Platform Security expert Bruce Schneier is one of the most authoritative experts who revealed that the NSA has a wide-ranging arsenal of zero
Read More
Article

Top Links of Tools Compilation for Pentesting, Forensics, Security, and Hacking

Are you still looking for a suite of tools that may complete your day-to-day activities, or are you just looking for new tools that you can try or play with?
Read More
Article

Fuzzing for SQL injection with Burp Suite intruder

This article introduces Burp Suite Intruder and shows how it can be used for SQL injection fuzzing. Burp suite intruder It is a part of Burp Suite, which i
Read More
Article

IOS Application Security Part 21 - ARM and GDB Basics

All the IOS devices released uptil now are based on the ARM architecture. All the Objective-C code that we write while developing IOS applications is first c
Read More
Article

Web Services Penetration Testing, Part 2: An Automated Approach With SoapUI Pro

In the previous article, we discussed how the sudden increase in the use of web services makes it an important attack vector. Also, we covered different com
Read More
Article

Modern Online Banking Cyber Crime

Introduction In recent years, cyber crime has grown by leaps and bounds. Cyber crime revenue grew to levels comparable to that of a state, and major security
Read More
Article

Remoting Technology

Distributed Computing Abstract[pkadzone zone="main_top"] This article covers the means of cross-process and cross-machine interaction of applications develop
Read More
Article

Gentoo Hardening: Part 3: Using Checksec

Checksec The checksec.sh file is a Bash script used to verify which PaX security features are enabled. The latest version can be downloaded with the wget com
Read More
Article

2013 - The Impact of Cybercrime

Introduction Recent studies published on the evolution of principal cyber threats in the security landscape. They present concerning scenarios, characterized
Read More
Article

Reverse engineering with OllyDbg

The objective of writing this paper is to explain how to crack an executable without peeping at its source code by using the OllyDbg tool. Although, there ar
Read More
Article

Gentoo Hardening: Part 2: Introduction to PaX and Grsecurity

Configuring PaX with Grsecurity We've already briefly discussed PaX, but now it's time to describe it in detail. PaX provides the following security enhancem
Read More
Article

Understanding Session Fixation

1. Introduction Session ID is used to identify the user of web application. It can be sent with the GET method. An attacker can send a link to the user wit
Read More