Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Writing Python Compiled Modules

Any code that you write utilizing any compiled language like C, C++, or Java can be integrated or imported into another Python script. This code is considere
Read More
Article

Mumblehard Malware

Introduction In this article, we will learn about a malware known as Mumblehard which is known for targeting Linux and BSD OS. This malware opens a backdoor
Read More
Article

Sharkfest 2014 Part I

The sharkfest challenge was organized by Wireshark University. There are five challenges related to the trace files analysis. In each challenge, there are so
Read More
Article

The 6 D’s of Cyber Security

In this article, we will discuss the 6 D's of cyber security and how you can implement them in your own cyber-defense strategy -- Deter, Detect, Defend, Defl
Read More
Article

Format String Bug Exploration

ABSTRACT The Format String vulnerability significantly introduced in year 2000 when remote hackers gain root access on host running FTP daemon which had anon
Read More
Article

Cracking 64bit Binaries

Keygenning is a process of finding a valid key for a program. It is used for cracking/piracy. Most of the cracking has been documented on x86, there haven't
Read More
Article

VENOM Vulnerability Opens Millions of Virtual Machines to Attack

The VENOM vulnerability A security vulnerability recently patched is scaring the IT industry, its name is VENOM, and it is coded as CVE-2015-3456. The dreade
Read More
Article

USBkill Anti-Feds Script

Recently, a simple script has been presented that can help someone to brick a computer in case of emergency. This script was defined as a switch killer, but
Read More
Article

Dynamic Analysis Techniques

As we have covered the malware analysis basics with static techniques here, this post is all about performing the basic analysis of malware using dynamic tec
Read More
Article

How to acquire a user’s facebook credentials, using the credential harvester attack

In this article you will see how you can obtain a user's Facebook credentials without him suspecting a thing. There are going to be provided two versions of
Read More
Article

Fingerprinting: Identifying applications

When performing a Web Application Security Assessment, an important step is Fingerprinting which allows for further exploitation by an attacker. So as a secu
Read More
Article

“Phishing” is the Name of the Game

Recent Trends Intro to the Concept Phishing is an Internet identity fraud that a malicious actor employs to dupe unsuspecting online users into revealing the
Read More
Article

Nmap Cheat Sheet 5: The Final View of a Ninja Pentester

As we discussed in the last topic of our Nmap Series, this will be our final touch for the cheat sheet. Here we will try to cover most of the topic as requir
Read More
Article

Defending Against Web Attacks: X-XSS Protection

In the previous article, we have seen how we can defend against click jacking attacks using the X-Frame-Options header. In this article, we will discuss anot
Read More
Article

Spearphishing: A New Weapon in Cyber Terrorism

Introduction: Spear phishing attacks Spear phishing and its evolutions like the watering hole attack represent one of the most insidious attack techniques ad
Read More
Article

Why Artificial Neural Networks (ANN) Technology Offers a Promising Future in IDS/IPS

Intrusion systems have been the subject of considerable research for decades to improve the inconsistencies and inadequacies of existing methods, from basic
Read More
Article

Debugging in the Cloud

In the world we live in, there are different kinds of professions where debugging has been a vital piece of knowledge we must have in order to do our jobs su
Read More
Article

Http verb tempering: bypassing web authentication and authorization

What is an HTTP VERB? Hypertext transfer protocol (HTTP) gives you list of methods that can be used to perform actions on the web server. Many of these meth
Read More
Article

Overwriting the Stack

In previous articles, we got to know the basics of the Stack Based Buffer Overflow and changing the address in the run time by modifying the register value u
Read More
Article

The importance of cyber hygiene in cyberspace

The drastic increase in the frequency of cyber attacks on financial systems and the healthcare industry (both large and small scale industries) have raised c
Read More
Article

Static malware analysis

Starting here, I would like to share the results of my recent research into malware analysis. We will begin with someĀ basics and proceed to advanced levels.
Read More
Article

Security features and risks in Google Chrome

Today a web browser has become a very important piece of software in our daily life. It is an application that finds and displays the web pages. Be it via mo
Read More
Article

Defeating Conundrums: Solutions to Net-Force Internet CTF Challenges

About Net-Force Internet Challenges These challenges require that you provide the correct passwords that are revealed to you after solving them. The challeng
Read More
Article

HTML5 security: Local storage

In a previous article of mine, I discussed Cross Domain Messaging in HTML5. This article walks you through another feature, called local storage, and its sec
Read More