Security Awareness & Training Resource Center

Boost the effectiveness of your security awareness program or earn your next certification with free tools from our resource center. Check back frequently — new resources are added every week!

Featured content

Download — HRM (Forrester) Ebook, guide & report

Deconstructing Human-Element Breaches | Infosec HRM

Human risk management isn’t just rebranded SA&T — it’s a profound change of mindset, strategy, process and technology that approaches human-related breaches in a new way. 

Read More about Download — HRM (Forrester)

Our resources

Article

Poor Credential Management

Introduction As discussed in the previous article, use of credentials is one of the most common approaches used in applications and this is the de facto met
Read More
Article

What is threat modeling?

Introduction Everything that touches the internet or enterprise systems faces constant cyber threat from internal and external sources, malicious or mistake
Read More
Article

Android vulnerability allows attackers to spoof any phone number

Introduction Because many employees use mobile devices for work, the widespread use of mobile devices has come to put company networks at risk for cyberatta
Read More
Article

How Is Cryptography Used In Applications?

Introduction Cryptography is used in software to protect the data from adversaries. The key principles of cryptography is to provide confidentiality, integr
Read More
Article

Hack the Box (HTB) machines walkthrough series — Cache

Today, we will be continuing with our exploration of Hack the Box (HTB) machines, as seen in previous articles. This walkthrough is of an HTB machine named C
Read More
Article

What is a side-channel attack?

Introduction The origin of the side-channel attack is closely related to the existence of physically observable phenomena caused by the execution of computi
Read More
Article

Introduction to Parallel Processing

Introduction to Parallel Processing In the beginning, computers had a single processing core and were single-threaded.  While these computers would be able
Read More
Article

What are Race Conditions?

Introduction to Race Conditions Parallelized applications have a number of different benefits.  They’re able to run faster, support multiple different users
Read More
Article

Decrypting Downloaded Files

Introduction to Malware Command and Control Malware authors commonly design their malware to communicate with their operators.  In some cases, these command
Read More
Article

NetWire malware: What it is, how it works and how to prevent it | Malware spotlight

NetWire is a remote access Trojan focused on password stealing and keylogging, as well as including remote control capabilities. This threat has been used by
Read More
Article

Advanced cryptography in blockchain

Blockchain is Built with Cryptography Blockchain technology is revolutionary.  It provides a completely different way of accomplishing a wide range of tasks
Read More
Article

Data integrity and backups

Introduction Data integrity means that a given data set is accurate, complete, consistent, unchanged (original or a true copy) and trustworthy throughout it
Read More
Article

Spoofing and Anonymization (Hiding Network Activity)

Introduction Forensic investigators should always pay heed to the possibility of a cybercriminal to have been using spoofing and anonymizing techniques to c
Read More
Article

Introduction to hash functions

Hash functions are the most commonly used mathematical functions in cryptography for implementing security. A hash function converts an input value of any ar
Read More
Article

Introduction to Asymmetric Cryptography

Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. In this post, we will be focusing on and discussing asymmetric e
Read More
Article

The Advanced Encryption Standard (AES)

Advanced Encryption Standard short formed as AES falls under the symmetric encryption category. Thus, in AES the sender and the recipient of the data uses t
Read More
Article

Photographer 1: VulnHub CTF walkthrough, part 2

In the first part of this article, we identified the admin page of the application. In this article, we will continue from this step and complete further til
Read More
Article

Scalability & elasticity: Technical considerations when selecting a cyber range

Introduction Cyber ranges are excellent training tools. You can simulate advanced cloud infrastructure and create various test scenarios, or you can clone y
Read More
Article

2020: The year's biggest hacks and cyberattacks

Just when you thought Halloween was over, it turns out there is something out there far scarier to security professionals around the world: the constant thre
Read More
Article

Fundamentals of symmetric and asymmetric cryptography

Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. If the sender and the recipient of the data use the same key to
Read More
Article

My CMSMS 1: VulnHub CTF walkthrough

In this article, we will solve a capture the flag (CTF) challenge posted on the VulnHub website by an author named Pankaj Verma. As per the description given
Read More
Article

Microsoft Azure job outlook

Introduction The business world is relocating to the cloud and the trend is strong. It has been predicted that by the end of 2020, 83% of all businesses wil
Read More
Article

Cybersecurity Weekly: Hackers for hire, DNS cache poisoning, The North Face attacked

APT hackers for hire target financial and entertainment firms. DNS cache poisoning attacks return due to Linux weakness. The North Face website suffered a credential stuffing attack. All this, and more, in this week’s edition of Cybersecurity Weekly.
Read More
Article

Browser Forensics: Safari

Introduction Browsers have become an inherent part of our virtual life and we all make use of browsers for surfing the internet in some or the other way. Al
Read More