Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

The concept of mobile phone

The digital forensic community is striving hard to stay abreast of the current state of the art in the constantly changing technologies which we use to expos
Read More
Article

Feature Phone Forensics

Introduction A feature phone can be described as a wireless mobile device that has more features than a standard cell phone, but limited capabilities when yo
Read More
Article

Petya Ransomware Initial Analysis

The document below is an initial level analysis of the recent Petya Ransomware (2017). We will also discuss an analysis of a dll variant of the ransomware.
Read More
Article

SecOS: 1 CTF Walkthrough

In this article, we will try to solve another Capture the Flag (CTF) challenge which was posted on VulnHub by PaulSec. According to the information given in
Read More
Article

The Ins and Outs of Email Security Awareness

Email has been used as a medium for remote communication even before the World Wide Web and other technological breakthroughs came into light. Though email s
Read More
Article

Ways to Stay Secure When using File Sharing

When sharing small files over the Internet, you can always attach them to an email but, when the file is large, it may not be possible to send it via email.
Read More
Article

Reverse Engineering – LAB 3

Software: IDA Pro Free (v 5.0) DLL Name: Test.dll[pkadzone zone="main_top"] Story about DLL: This DLL is reportedly scanning the system for running the proc
Read More
Article

Practical android phone forensics

Today's world is Android World. Almost 90% of devices are running on Android, and each one of us is using Android in some or the other way. There are various
Read More
Article

AlphaBay Market: What is the Impact of the Cyber-criminal Underground?

The AlphaBay Market was shut down by the law enforcement AlphaBay Market was the largest black marketplace on the Dark Web, it was an excellent aggregator f
Read More
Article

Vault 7 Data Leak: Analyzing the CIA files

Digging the Vault 7 dumps In a first post on the Vault7 dump, we analyzed the information contained in files leaked by Wikileaks and allegedly originating fr
Read More
Article

Learning Pentesting with Metasploitable3: Exploiting WebDAV

In the third part of this series, we discussed how to exploit Metasploitable3 using a vulnerability in Elasticsearch 1.1.1. As mentioned in one of the prev
Read More
Article

More Security Issues Surrounding Virtual Personal Assistants

Introduction Our last article reviewed some of the Security issues surrounding the use of the Virtual Personal Assistant. Some of the Security issues involve
Read More
Article

Learning Pentesting with Metasploitable3: Exploiting WordPress

Introduction: This is part 5 in the series of articles on learning pentesting with Metasploitable3. In the previous article, we discussed how WebDAV could be
Read More
Article

Exploiting Windows Authentication Protocols: Introduction

SMB relay attack Exploiting the weak Windows authentication protocols is on the top of the list for any adversary, because it mostly relies on a design flaw
Read More
Article

Security Awareness for Customer Service Representatives

Customer service representatives are considered the frontline for your company. They have a huge effect on customer satisfaction so organizations usually spe
Read More
Article

Security Awareness for End Users

The security of your company relies on a sound digital infrastructure and an IT team that can support it. However, as we’re about to explore below, it’s an o
Read More
Article

Phishing Checklist for Browsing Emails

Phishing emails often look authentic and can trick you into believing they are legitimate. It’s becoming more and more difficult to spot fraudulent emails, w
Read More
Article

Amazon Phishing Template: Example and Preventing Attack

What to do if you’ve clicked on an Amazon Phishing Email Amazon is the world's largest online retailer and a prominent cloud services provider. Despite being
Read More
Article

Mobile Systems Vulnerabilities

With a significant increase in Android malware and targeted Wi-Fi attacks over the past few years, consumer and enterprise mobile devices are more prone than
Read More
Article

Trend Micro OSINT Challenge

In this article, we are going to solve all three OSINT challenges from Trend Micro CTF.[pkadzone zone="main_top"] Challenge 1: Today you received an email t
Read More
Article

Learning Pentesting with Metasploitable3: (Exploiting WebDAV)

Introduction: In the third part of this series, we discussed how to exploit Metasploitable3 using a vulnerability in Elasticsearch 1.1.1. As mentioned in one
Read More
Article

Massive Petya Attack: Cybercrime or Information Warfare?

Hits organizations in several states Just five weeks after the WannaCry massive attack, a new wave of ransomware-bases attack hit targets in various countrie
Read More
Article

/dev/random: Pipe CTF Walkthrough

In this article, we will try to solve another Capture the Flag (CTF) challenge which was posted on VulnHub by the Segi. The downloadable URL of the Virtual M
Read More
Article

Learning Pentesting with Metasploitable3: Exploiting Elasticsearch

Introduction: In the second part of this series, we discussed how we could gather information about our target to proceed with the exploitation phase. Let's
Read More