Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Security for Small and Medium Enterprises, Part 1

Those trained and experienced in the Information Security area know all about IDS systems, biometric security, Disaster Recovery systems, and all the other e
Read More
Article

Antivirus Evasion: The Making of a Full, Undetectable USB Dropper / Spreader

Some Basics and Overview Usually when we talk about bypassing antivirus software, and especially when we talk about antivirus programs like NOD32, Kaspersky
Read More
Article

Introduction to Controlling the Integrity of the File System

Do you remember my article about physical security? If so, this article can be seen as its development. If there it is more focused on the security of an org
Read More
Article

IronWASP Part 1

IronWASP stands for Iron Web application Advanced Security testing Platform, and was developed by Mr.Lavakumar Kuppan. It is an open source system and is mai
Read More
Article

Noobz guide for setting up a vulnerable lab for Pentesting

Most of the people I know who are new to penetration testing want to hone and enhance their skills, but they have problems like: They don't have a tar
Read More
Article

Backups. What will happen to your data?

If you woke up tomorrow morning and found that your computer or portable device wouldn't turn on, or had been stolen, what would you do? I'm a computer troub
Read More
Article

Installing and Running the Honeypot

This article is in continuation of Part 1 of the series on Ghost USB Honeypot. Malware threats have become very common these days and hence the need of honey
Read More
Article

How to Break Simple Software Protections

Some software developers are really lazy when it comes to protecting their products, and in some cases, the protection they implement (just like most "infamo
Read More
Article

Drupal Security Notes

Drupal is one of the most popular free and open source web application frameworks. Drupal is almost infinitely extensible through not only various theme poss
Read More
Article

Best Practices When Creating Passwords

I understand perfectly well that the InfoSec website has often discussed the use of good algorithms for hashing passwords. But these articles were usually ve
Read More
Article

Windows Vulnerability Assessment

Nowadays every enterprise, be it small or large, depends on information technology (IT) for some or most of its operations, and with IT; comes information se
Read More
Article

It Is Simple, If I Can Compromise Your Wireless Router, I Own Your Network! Period!

It is convenient, it is a necessity, and some devices give you no other option: wireless networking is all around us. We all use wireless networks on a dail
Read More
Article

Free Web Application Scanners, Part 1

With the rapid increase in technology usage, every company is desperate to provide their services over the Internet. They believe that by offering their serv
Read More
Article

Human Resource Management in Agile - Part 4

In the previous parts of our discussion we focused on internal team building and communication within the team and self-motivation. Today we will go on. We'l
Read More
Article

Bank Fraud & ATM Security

ATMs Fraud Trends According to the last 2011 survey (*) in 27 European countries, card skimming is still the most prevalent crime, however 61% of European c
Read More
Article

The Browser Exploitation Framework (BeEF) – Part 2

The first article in this series can be found here: The Browser Exploitation Framework (BeEF) – Part 1. 1. Using the Modules In this section we'll describe
Read More
Article

Improving Mobile Security with Santoku

Mobile security has been gaining popularity in recent times. Many mobile-based attacks are being discovered as the mobile industry grows more complex and new
Read More
Article

Human Resource Management in Agile - Part 2

Part one of this article series can be found here: Human Resource Management in Agile Part 2. From the previous article you could find out what mistakes you
Read More
Article

The browser exploitation framework (BeEF) – Part 1

We can categorize the BeEF social engineering framework as shown in the picture below: [pkadzone zone="main_top"] [pkadzone zone="main_top"] We
Read More
Article

Incident Response Planning

Boring topic? Maybe. But if you believe what Gartner has to say: "Through 2016, 75% of CISO's who experience publicly disclosed security breaches, and lack d
Read More
Article

Crack Me Challenge: Final Edition

Part 6 [pkadzone zone="main_top"] [pkadzone zone="main_top"] The code for logical segment 6 is as follows: 0040181F |. B9 10000000 mov ecx,10
Read More
Article

Social Media & Security Risk

Social media is the two way communication in Web 2.0 and it means to communicate / share / interact with an individual or with a large audience. Social media
Read More
Article

WordPress Security

1. Introduction There are numerous tools available when checking the security of the WordPress Content Management System (CMS). In the rest of the article we
Read More
Article

CrackMe Challenge Part 3: The Logic Behind the First Challenge

If we take our predicate that we've seen in the end of part 2 into account and input at least 64 bytes (0x40) into the Key 1 field and leave the Name field a
Read More