Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Dynamic Programming Tutorial

Introduction The dissertation investigates attributes. You'll see how you can define attributes on various items within your program. We shall also discuss
Read More
Article

Phishing and social engineering techniques 3.0

This is the third part of the phishing and social engineering techniques series. In the first article we have discussed what phishing is and what the differe
Read More
Article

Near field communication (NFC) technology, vulnerabilities and principal attack schema

The Near Field Communication (NFC) is a set of standards for mobile devices designed to establish radio communication with each other by being touched togeth
Read More
Article

IOS Application security Part 5 - Advanced Runtime analysis and manipulation using Cycript (Yahoo Weather App)

Introduction In the previous article, we learnt how to setup Cycript on your idevice, hook into a running process and obtain information about its propertie
Read More
Article

How USB Malware Works

Introduction In this article we will look at malware that propagate to other machines using USB removable devices. Unlike most malware which make use of
Read More
Article

Privacy Implications of Google Glass

Introduction Google Glass is a wearable computer worn like a standard pair of glasses. The device displays information on a glass screen in front of the eye
Read More
Article

.NET Application Domain Internal

Abstract In this article, you'll drill deeper into the details of how an assembly is hosted by the CLR and come to understand the relationship between the ap
Read More
Article

Security Threats in Virtual World

What are virtual worlds? A virtual world is an online world that simulates the real world in which the 'residents' can interact. Residents can participate i
Read More
Article

.NET Reflection

Abstract Assemblies are the core units of deployment. At design time, we can examine the set of reference assemblies in CIL code with couple of external tool
Read More
Article

China vs US, cyber superpowers compared

Introduction In the last months, the press agencies and government official bulletins have reported several news regarding continuous cyber-attacks having Ch
Read More
Article

iOS Application Security Part 4 – Runtime Analysis Using Cycript (Yahoo Weather App)

Introduction In the previous article, we learnt about the runtime capabilities of an IOS App written in Objective-C which uses the Cocoa framework. In this
Read More
Article

Data Exfiltration Techniques

Introduction In this article we will see how malware encode or encrypt data that's exfiltrated to the Command and Control Server from infected machines. Thi
Read More
Article

Linux and disk forensics

A digital forensic investigation generally consists of five major steps [Figure-1]: Identification Data Acquisition Data Recovery Analysis R
Read More
Article

Calling NTDLL functions directly

If you're reading this, then you've probably wanted to call some internal ntdll function that isn't exported and easily callable, right? If no, then let me e
Read More
Article

LUKS and LVM

LVM + LUKS LVM is software that uses physical devices as physical volumes (PVs) in storage pools called volume group (VG). Physical volumes can be a partiti
Read More
Article

Hacking Drones … Overview of the Main Threats

Introduction The Unmanned Aerial Vehicles (UAVs), also known as drones, represent a revolution in the security context; these powerful systems could be used
Read More
Article

Crypto building blocks

1. Introduction This article will explain how crypto building blocks can be used to achieve confidentiality, integrity, authentication and non-repudiation.
Read More
Article

IOS Application security Part 3 - Understanding the Objective-C Runtime

Introduction Almost all the native IOS applications are written in Objective-C. All these apps use Cocoa, which is a library that sits on top on Objc-C and
Read More
Article

Using SetWindowsHookEx for DLL injection on windows

Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/proteansec . [pkadzone zo
Read More
Article

API hooking and DLL injection on Windows

Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/proteansec. [pkadzone zon
Read More
Article

Using CreateRemoteThread for DLL injection on Windows

Note: all the code examples can be found on my Github profile under visual-studio-projects accessible here: https://github.com/proteansec . [pkadzone zo
Read More
Article

QR Code: USSD attack

The QR code or Quick Response code was originally designed for industrial applications, and has quickly gained popularity in the advertising industry. With t
Read More
Article

Data Exfiltration Techniques

Introduction In this article we will see how malware encode or encrypt data that's exfiltrated to the Command and Control Server from infected machines. Thi
Read More
Article

L-7 Protocol analysis

Traditional intrusion detection systems have always relied on protocol specific analysers to extract the context of the traffic stream. Basically, an intrusi
Read More