Free eBook: OpenSSL Cookbook
If your job has something to do with security, web development, or system administration, you can’t avoid having to deal with OpenSSL on at least some level. This book …
Nmap cheat sheet
Network Mapper – better known by its shortened name Nmap – is one of the most long-lived security tools out there. Used for scanning computer networks for ports, …
A new classification for potentially unwanted mobile apps
What are PUAs (Potentially Unwanted Applications), and how should they be classified in the mobile (specifically Android) environment? PUAs are not technically malware, and …
The Basics of Web Hacking: Tools and Techniques to Attack the Web
Web security is one of the hot topics that we cover quite a lot on Help Net Security and is something that generates news and catches the interest of ever growing number of …
The IT road to hell
The past several months have been an unending nightmare for the US government and its allies, as one disclosure after another has caused unimaginable damage to relationships, …
Video: Operationalizing security intelligence in the enterprise
Many organizations say they acquire and use security intelligence for the benefit of their organizations – but few actually do this right. While security intelligence is …
How meaningful are AV tests?
Anti-malware software from vendors big and small is regularly tested by several antivirus test labs, which may result in awards and certification, but also in disappointment. …
How to sniff local network traffic on an unrooted Android device
Google Play hosts a number of applications that focus on local network traffic sniffing for Android devices, but for the majority of them you would first need to root the …
Video: Malware Management Framework
You can throw lots of time and money at scanning your systems for unknown malware, but the reality is that you will only identify a small portion of the bad stuff. Changing …
Customizing defense models to reduce the window of exposure
Most organizations already have a defense model in place that is meant to protect them from attacks, but the problem is that many use an outdated one. But the threat landscape …
Lessons learned from sinkholing the ZeroAccess botnet
ZeroAccess (or Sirefef) is a piece of malware that is very adept at hiding its existence from users, and brings in huge sums of money to its masters by performing click-fraud …
Python for web application security professionals
Python is an open source, interactive, object oriented programming language. It’s very easy to learn and an extremely powerful high level language. It runs on Windows, …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)