Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Security Awareness Course Design Best Practices

A well-designed security awareness course on its own does not guarantee a success for your security awareness program. There are many other important factors
Read More
Article

Snort Covert Channels

Lab 3: Covert Channels Covert channels are used by outside attackers to establish communications with the compromised system, or by malicious insiders to sec
Read More
Article

Security best practices for git users

In recent years git has become one of most popular SCM/Version Control systems. Usage in some high-profile open-source projects like Linux or Raspberry Pi an
Read More
Article

Snort network recon techniques

Lab 2: Network Recon In this lab, we will examine some popular network recon techniques and practice writing Snort rules for their detection. [pkadz
Read More
Article

Social Networking Forensics with Bulk_Extractor

Bulk_Extractor quick overview and Installation bulk_extractor is a computer forensics tool that scans a disk image, a file, or a directory of files and extra
Read More
Article

Using Mobile Devices for Hacking

Objective: The following lab will instruct you in booting a live version of Android. Using this live version of Android this lab will walk you through the st
Read More
Article

Security Vulnerabilities of Internet-Connected Homes

1. Introduction In the past ten years, there has been a steady increase in the number of Internet-connected home devices. However, the huge influx of such de
Read More
Article

Cyber Criminal Ecosystems in the Deep Web

Introduction The analysis of black markets is essential to understand the evolution of phenomena in the criminal underground. The first aspect to consider wh
Read More
Article

VoIP network recon: Footprinting, scanning, and enumeration

The traditional PSTN has been replaced by more advanced and efficient VoIP network. VoIP has quickly made its place in the corporate and home environment as
Read More
Article

Complete Tour of PE and ELF: Directories

In Part 1 and Part 2 of this series we have done a walkthrough of almost 70 percent of E structure. There are still some import sections remaining like expor
Read More
Article

Android forensic logical acquisition

The following is a demonstration of how we will create an Android Emulator; then we will go through needed steps to acquire a logical image of the system and
Read More
Article

Complete Tour of PE and ELF: Data Structures

We covered some important sections in Part 1 of this series. In this part, we will cover some more complex data structures including important concepts of bi
Read More
Article

Configuring a Test Lab for Data Analysis

The world of IT Security revolves around data. This data mainly consists of logs that are generated, collected, stored and analyzed. Considering the large am
Read More
Article

Race condition (TOCTOU) vulnerability lab

[download]CLICK HERE TO DOWNLOAD THIS LAB AS A PDF[/download] Lab overview A race condition occurs when two threads access a shared variable at the same ti
Read More
Article

DDoS Attacks: Targets and ‘Smoke & Mirrors’ Mode

Introduction It is clear that distributed denial-of-service (DDoS) attacks are still in vogue. It is clear that they have become more ubiquitous, more sophis
Read More
Article

Top 7 Android Ransomware Threats

Malicious programs categorized as ransomware, which encrypts their victims' personal files and demands a ransom for restoring the locked data, proved to be e
Read More
Article

Developments in Machine Learning vs. Traditional SIEM Solutions

For decades, Information security analysts have been scanning through security logs trying to find anomalies that could lead to security incidents. In the be
Read More
Article

The Ferizi Case: The First Man Charged with Cyber Terrorism

Who is Ardit Ferizi? In October 2015, for the first time, the US Justice Department has charged a suspect for terrorism and hacking. The US Government has ch
Read More
Article

Oil and Gas Cyber Security 101

Recently, I've published a post in the form of Interview about Oil and Gas Cyber Security, and it received a lot of attention. It seems that nowadays researc
Read More
Article

Complete Tour of PE and ELF: An Introduction

I have decided to come up with an end-to-end malware analysis course and even extend it to memory forensics and detecting APT's. Though this might sound grea
Read More
Article

Is your Security Awareness Program Culturally Sensitive? (And does it matter?)

A security awareness program is probably the first line of defense against modern threats to IT systems and company data. Although more and more advanced tec
Read More
Article

Legal issues of new and emerging technologies

Since the invention of the agriculture in the Fertile Crescent, the humanity has witnessed continuous technological developments. Such developments affect th
Read More
Article

Categorizing the Types of GNU/Linux users

I have been a GNU/Linux user for almost seven years now, and I have been using GNU/Linux since college. In fact, during my college years, I was the only Linu
Read More
Article

PoS Malware: All You Need to Know

Introduction to POS malware PoS malware continues to be a serious threat to several industries, from retail to the hotel industry. Respect our previous post,
Read More