Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Types of cyber ranges compared: Simulations, overlays, emulations and hybrids

There are many different kinds of cyber ranges to choose from when deciding on the best cybersecurity training type for your team. Cyber ranges are an effect
Read More
Article

x86 basics: Data representation, memory and information storage

Learn some of the fundamental concepts associated with x86 architecture in the third article in our x86 assembly series.
Read More
Article

Cybersecurity Weekly: Cisco VPN flaws, Chrome zero-day fix, new DDoS botnet

Critical flaws are reported in Cisco VPN routers for businesses. Google fixes Chrome zero-day actively exploited in the wild. The new Matryosh DDoS botnet has been targeting Android-based devices. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

How to attack Windows 10 machine with metasploit on Kali Linux [updated 2021]

The Metasploit Framework is the most commonly-used framework for hackers worldwide. It allows hackers to set up listeners that create a conducive environment
Read More
Article

What is x86 assembly?

Learn the basics of x86 assembly, its history and where it is most commonly used in the first article in our x86 assembly series.
Read More
Article

Introduction to x86 assembly and syntax

Learn what x86 assembly programs look like and the types of syntaxes programmers can use in the second article in our x86 assembly series.
Read More
Article

National Initiative for Cybersecurity Education (NICE) cyber range checklist

Introduction Today, we will look at the National Initiative for Cybersecurity Education (NICE) cyber range checklist. We will give a brief overview and disc
Read More
Article

Vizom malware: What it is, how it works and how to prevent it | Malware spotlight

The Vizom Trojan is an active piece of malware targeting online banking users in Brazil that takes advantage of the window overlay technique to steal user’s
Read More
Article

Nmap from beginner to advanced [updated 2021]

Network Mapper (Nmap) is a network scanning and host detection tool that is very useful during several steps of penetration testing. Nmap is not limited to m
Read More
Article

Using MITRE ATT&CK with cyber threat intelligence

The MITRE ATT&CK framework is a tool developed by the MITRE Corporation. It is designed to provide information about how a cyberattack works and the vari
Read More
Article

Top 30 Microsoft Azure interview questions and answers

Azure. Until relatively recently, this word was associated primarily with gemstones and the sky on a cloudless day. Cloudless is a little ironic, since nowad
Read More
Article

MITRE ATT&CK framework mitigations: An overview

The MITRE ATT&CK framework is a tool developed by the MITRE Corporation that is intended to help with understanding how cyberattacks can be performed. It
Read More
Article

Hack the Box (HTB) machines walkthrough series — Unbalanced

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named U
Read More
Article

MITRE ATT&CK framework techniques, sub-techniques & procedures

The MITRE ATT&CK framework is a tool developed by the MITRE Corporation to aid understanding and discussion of cyberattacks.  MITRE ATT&CK takes the
Read More
Article

Top 9 cybercrime tactics, techniques and trends in 2020: A recap

2020 was a busy year for cybercriminals, with new opportunities brought on by the COVID-19 lockdowns and digital transformation initiatives. According to McA
Read More
Article

How to use Local Group Policy to secure Windows 10

If one has to make any change to Windows OS setting and configuration, Group Policy is widely used and the most preferred option of all. This is due to the e
Read More
Article

KashmirBlack botnet targets WordPress, Joomla and other popular CMS platforms

Introduction If you are a malware researcher, you’ve probably heard of KashmirBlack, a botnet that has been in the wild since 2019. If you are not a malware
Read More
Article

Hack the Box (HTB) machines walkthrough series — OpenKeyS

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named O
Read More
Article

Introduction to the TLS/SSL cryptography protocol

SSL stands for Secure Socket Layer. First version of SSL was developed by Netscape in 1995. SSL is the industry standard to establish secure internet connect
Read More
Article

Introduction to Diffie-Hellman Key Exchange

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data fr
Read More
Article

Exploiting built-in network protocols for DDoS attacks

Introduction A distributed denial-of-service (DDoS) attack is an attempt to make an online service unavailable to users, usually by temporarily interrupting
Read More
Article

Introduction to the Rivest-Shamir-Adleman (RSA) encryption algorithm

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data fr
Read More
Article

CloudGoat walkthrough series: EC2 server-side request forgery (SSRF)

This is the fifth in the walkthrough series of the CloudGoat scenarios. CloudGoat is a “vulnerable by design” AWS deployment tool designed by Rhino Security
Read More
Article

Firewall types and architecture

A firewall is a network security device placed at the perimeter of the corporate network, thus all the packets entering and leaving the network go through th
Read More