Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Virtual DMZs in the cloud

DMZ or DeMilitarized Zone is primarily used to separate the network into multiple blocks to enhance security. The name is derived from the same term used to
Read More
Article

Russia and Ukraine: Information Warfare

The Current Situation The fighting in Ukraine has escalated sharply since the elections on May 25th. President-elect Petro Poroshenko, backed by the European
Read More
Article

Guerilla Psychology and Tactical Approaches to Social Engineering, Part II

Introduction So far, we have discussed techniques used in manipulation, the characteristics that social engineers possess, the cycle of social eng
Read More
Article

PCI-DSS 3.0 - Key Drivers

Every organization should follow a proactive rather than a reactive approach to protect against threats, risks, and vulnerabilities to which if their IT infr
Read More
Article

OWASP Practice: Learn and Play from Scratch

OWASP Practice is a virtual environment to help people who want to begin their journey into web application security. Lots of material including videos are a
Read More
Article

Hard Drive Head Stack Replacement Demo - Data Recovery

Data recovery has been needed since man started to write things down. Why? Because what ever medium they tried to store the data on, it has always been susce
Read More
Article

Vulnerabilities in OpenSSL and GnuTLS: An Earthquake in Internet Encryption

HeartBleed … the Internet encryption earthquake The first serious earthquake in the encryption world is the disclosure of the Heartbleed vulnerability (CVE-2
Read More
Article

A History of Malware: Part Four, 2000-2005

I remember the eager anticipation that led to the turn of century. All throughout 1999, all I ever saw or heard in the media was millenium this, millenium th
Read More
Article

Hack-Proof Drones Possible with HACMS Technology

Introduction Unmanned Aerial Vehicles (UAVs) are one of the most flexible and useful solutions adopted by the military and private industries. Drones could b
Read More
Article

A History of Malware: Part Three, 1993-1999

In my previous article, I explained what happened to the evolution of malware when microcomputers started to become a major presence in small offices and hou
Read More
Article

Attacks on android webviews

In this series of articles so far, we have discussed various techniques to identify and exploit vulnerabilities in Android applications. In the previous arti
Read More
Article

Sinkholes: Legal and Technical Issues in the Fight against Botnets

Introduction The security community is observing a sensible increase of botnet activities, in particular of cloud-hosted botnets that are mainly based on the
Read More
Article

DOS Deflate: Layer 7 DOS Protection Tool

DOS/DDOS stands for Denial of Service/Distributed Denial of Service. DOS or DDOS is a type of attack in which a machine or a network resource is unavailable
Read More
Article

Windows 7 Security Features

Windows 7 is an Operating System developed and released by Microsoft in 2009. It was designed to be a successor to the Windows Vista range of operating syste
Read More
Article

Exploiting debuggable android applications

In the previous article, we have seen how to debug Java applications using a little tool called JDB. In this article, we will apply the same logic to exploit
Read More
Article

Behind Cyberbullying – Legislation & Coping Strategies

1. Preface: Cyberbullying and Digital Natives Dr. Sameer Hinduja and Dr. Justin Patchin at the Cyberbullying Research Center define cyberbullying as "wilful
Read More
Article

Building a Secure API in a Cloud Environment

Introduction In the last couple of years there has been a boom in cloud computing, but mainly just the term is new, as we've been using cloud services for ye
Read More
Article

Qualitative risk analysis with the DREAD model

This article introduces two types of risk analysis (quantitative, qualitative) and presents how to perform qualitative risk analysis with the DREAD model. Fi
Read More
Article

Penetration testing apps for android devices

According to recent research, the amount of mobile phone users is larger than PC users. At the same time, the number of people who own Android phones is incr
Read More
Article

A History of Malware: Part Two, 1989-1992

In my previous article, I told the story of the very first worms and viruses. Interestingly, a groundbreaking mathemetician, John von Neumann, and a science
Read More
Article

Android Application Security Testing Guide: Part 2

In our last part of this series (Android Application Security Testing Guide: Part 1), we discussed static analysis of Android APK files on the security backg
Read More
Article

Heartbleed: What can be Learned from Playing the "Blame Game"?

By now, everybody who hasn't been living under a rock since April 7th this year has heard of Heartbleed. Most know that it is a devastating blow to security
Read More
Article

Android Tamer – A Walk Through

Are you a Backtrack/Kali freak? Ever thought of having a similar distribution in your arsenal dedicated for Android Security? "Android Tamer" is the solution
Read More
Article

A History of Malware: Part One, 1949-1988

These days, malware is an everyday concern, even among ordinary end users. A countless amount of money is lost every year worldwide due to malware, possibly
Read More