Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

IOS Application Security Part 11 - Analyzing Network Traffic over HTTP/HTTPS

In the previous article, we looked at IOS filesystem and forensics. In this article, we will be looking at how we can analyze the network traffic flowing acr
Read More
Article

Rootkits On Your Smartphone

While security of mobile operating systems is one of the most researched topics today, exploiting and rootkitting ARM-based devices gets more and more intere
Read More
Article

Confessions of an Identity Thief – Part 2

The saga continues. Now things get really interesting. In our last episode our identity thief had successfully procured a check made out to the dealership fo
Read More
Article

IOS Application Security Part 10 - IOS Filesystem and Forensics

In this article, we will be looking at the IOS filesystem, understand how the directories are organized, look at some important files, and look at how we can
Read More
Article

.NET Reverse Engineering –Part 2

Introduction The first Article of this series touched the most significant aspect of the MSIL code Instructions, for instance, how a program written in ILAS
Read More
Article

Facebook Technologies

As in any other field, for a win, we should take a look at the successful stories and case studies around us. In this article I would like to talk about opti
Read More
Article

How Edward Snowden protected information … and his life

Who is Edward Snowden? Edward Snowden is the man who changed the history of the Internet; he revealed information on the largest and most secret surveillance
Read More
Article

The Mobile Device Management Saga: An SIEM (Security Information Event Management) perspective

Wikipedia defines Mobile Device Management (MDM) solutions as solutions that secure, monitors and supports mobile devices, deployed across various Mobile ser
Read More
Article

Password Auditing Explained

Why Audit?  Harriet Beecher Stowe is credited with the quote "Human nature is above all things lazy" - while I prefer to think of myself as 'efficient' rathe
Read More
Article

Means and Methods of Web Tracking: Its effects on privacy and ways to avoid getting tracked

 1. Introduction Below, we will discuss the reasons that incited people, businesses and governmental agencies to employ web tracking, detailed and basic meth
Read More
Article

Fitting cyber attacks to jus ad bellum — Consequence-based approach, Part III

1. Criticism and Possible Flaws of Consequence-Based Approach and Seven-Factor Test There are people from the field of law, and not only from that field, wh
Read More
Article

IOS Application Security Part 9 - Analyzing Security of IOS Applications using Snoop-it

In some of the previous articles, we have looked at how we can dump class information of IOS apps using class-dump-z, hook into the runtime using Cycript and
Read More
Article

Socket Programming

Introduction This article will give you a broad understanding of key networking concepts, such as ISO stack and TCP/IP, and how applications can logically an
Read More
Article

Password Cracking Evolution

In this article, my goal is to show the evolution in password cracking era how hackers/crackers cracked passwords around 10 years ago and how they are cracki
Read More
Article

.NET Assembly Programming

Abstract In this series, we'll examine the core details of creating, deploying and configuring .NET assemblies and its advantage over existing COM technolog
Read More
Article

Fitting cyber attacks to jus ad bellum — Target-based approach

I. Essence The target-based is the second approach that theorists and practitioners use to tuck cyber warfare into the unfitting law framework that jus ad be
Read More
Article

Confessions of an Identity Thief

Note: This is the first in a series of articles written by a convicted felon currently serving 57 months in a federal correctional institution for identity t
Read More
Article

Common Vulnerability Scoring System

1. Introduction This article presents an open framework for scoring IT vulnerabilities— the Common Vulnerability Scoring System (CVSS) Version 2.0. It introd
Read More
Article

.NET Reverse Engineering-1:CIL Programming

Introduction The prime objective of this article is to confront with the .NET mother tongue language termed as Common Instruction Language (CIL) which laid d
Read More
Article

Fitting cyber attacks to jus ad bellum — Instrument-based approach

Introduction The coming of new technologies is challenging to many fields of human activity. In particular, there is a discrepancy between IT and the laws
Read More
Article

IOS Application Security Part 8 - Method Swizzling using Cycript

In the previous article, we looked at how we can install custom apps on our device without a developer certificate. In this article, we will look at how we c
Read More
Article

Programming with COM

Abstract This article commences by taking a brief backward glimpse at COM then compares it with the way that components interact in .NET, and finally it tak
Read More
Article

The Palantir Technologies model, lights and shadows on a case of success

Introduction In this article one of the most debated intelligence company is presented: the Palantir Technologies, a firm that is recognized as one of most b
Read More
Article

IOS Application Security Part 7 - Installing and Running Custom Applications on Device without a registered developer account

Usually, to test apps on a device, you need to be a registered developer which costs about $99/year. For people who want to learn IOS Application security, i
Read More