Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

PCI-DSS and PA-DSS

Today's online domain and a cashless way of transacting business have brought more players into the payment industry than yesterday. Cash is no longer consid
Read More
Article

Android Application hacking with Insecure Bank - Part 3

In this article, we will look at attacking components in Android applications, starting with activities. But first, it is essential to understand what Androi
Read More
Article

Browser-based vulnerabilities in web applications

Abstract Web browsers or mobile browsers are software applications that act as the intermediary applications between a user and the World Wide Web and are u
Read More
Article

Buying personal information in the deep web

The criminal underground Before starting our quick tour in the criminal underground to collect information on the principal items and services offered for s
Read More
Article

Digital Dark Age: Information Explosion and Data Risks

"Old formats of documents that we've created or presentations may not be readable by the latest version of the software because backwards compatibility is n
Read More
Article

Ethical Hacking Dual Certification

Interested in an online course for hacking? A dual training CEH boot camp?[pkadzone zone="main_top"] Our most popular information security and hacking train
Read More
Article

Cracking a Wi-Fi WPA2 Password, Thanks to Amazon

In a pen tester's life, sooner or later you are cracking a password. This activity depends on the type of password and available hardware. Today I want sh
Read More
Article

Wi-Fi Security: Securing Yourself against Practical Wireless Attacks

While the access points in organizations are usually under the protection of organization-wide security policies, home routers are less likely to be appropri
Read More
Article

Understanding iOS Security: Part 1

Apple uses iOS (operating system) to power many of its mobile devices such as iPhone, iPad and so on. From the beginning, security has been placed at the cor
Read More
Article

Introduction to GSM security

The Global System for Mobile Communication or GSM is a wireless communication that uses digital technology and is widely deployed across the globe for mobile
Read More
Article

Packet crafting: a serious crime!

Packet crafting is the art of creating a packet according to various requirements to carry out attacks and to exploit vulnerabilities in a network. It's main
Read More
Article

iOS Application Security Part 39 - Sensitive information in memory

In this article, we will look at analyzing the memory contents of an iOS application. iOS applications may store sensitive information like passwords, sessio
Read More
Article

Cyber Security Risks in Supply Chain Management – Part 2

In Part 1 of this article series, I discussed various risks involved in supply chain management with the latest example of a malicious adware named "Superfis
Read More
Article

The FREAK Vulnerability: From Discovery to Mitigation

A few weeks ago, security experts discovered a new major security SSL/TLS vulnerability, dubbed FREAK, that for more than a decade left users of Apple and Go
Read More
Article

Cyber Security Risk in Supply Chain Management: Part 1

Introduction Cyber security is generally thought of as various types of security devices like firewalls, Web Application Firewall (WAF), IDS/IPS, SIEM, DLP e
Read More
Article

Understanding Web Caching

Quite often we see Web pages that include images and other files loading faster than we expect. If you are wondering how that happens, Web caching could be o
Read More
Article

n00bs CTF Labs - Solutions!

Congratulations to our winners and a big shout out to everyone who participated in the n00bs Capture the Flag Challenge! Check out the winning write-ups in t
Read More
Article

Digital footprints and privacy concerns

"It is too difficult to give exact statistics on the amount of data people leave, but confirmed every time we perform an online action, we are contributing
Read More
Article

DDoS on UPNP Devices

Denial of service (DOS) attack is an attempt to make a machine or a network resource unavailable to its users. It basically consists of methods to temporaril
Read More
Article

n00bs CTF Labs by Infosec Institute

n00bs CTF (Capture the Flag) Labs is a web application presented by Infosec Institute. It has 15 mini Capture the Flag challenges intended for beginners and
Read More
Article

Equation Group APT and TAO NSA: Two Hacking Arsenals Too Similar

The Equation Group In February 2014, the team of experts from Kaspersky Lab announced the discovery of a hacking group operating since 2001 that managed nume
Read More
Article

HTML5 Security: Cross Domain Messaging

In this article, we will discuss HTML5 Web Messaging (or Cross Domain Messaging) attack vectors and security implementations. Why is it important to understa
Read More
Article

Biometrics: Today’s Choice for the Future of Authentication

The options currently available for user authentication fall within three categories: authentication through something that the user knows, such as a PIN or
Read More
Article

OWASP ProActive Controls: Part 2 of 2

In the first part of this series, we covered the Top 5 OWASP ProActive Controls and learned how they can prove to be of great use in securing applications. I
Read More