
About the Author:

Ivan Dimov is a student of IT and Information security. He has been working as a freelancer in technical writing, specializing in articles about Internet marketing (especially web hosting, search engine optimization and domains). Currently, he studies European and Global courses (in English) in his native Bulgaria. He has also attended International & European Law courses at The Hague University of Applied Science, the Netherlands. He speaks Bulgarian, English, French and Dutch.

Website Hacking 101: Part II

To view Part I of this article, please visit http://resources.infosecinstitute.com/website-hacking-101/.

In this part, we briefly introduce path traversal, the use of delimiters, and information disclosure attacks.

We are going […]

Hacking Static Passwords

Website Hacking 101


Websites are used daily by a large part of the world’s population to carry sensitive data from a person to an entity with online-based presence. In websites containing materials […]


Explaining cyberterrorism

People feel endangered by cyberterrorists, and this topic has raised an alarm in many societies. Many experts in the IT field and many political figures have elaborated on the […]


Guerilla Psychology and Tactical Approaches to Social Engineering, Part II


So far, we have discussed techniques used in manipulation, the characteristics that social engineers possess, the cycle of social engineering, and the four main qualities that are abused in […]


Guerilla Psychology and Tactical Approaches to Social Engineering, Part I

1. Introduction
In the first part of this article, we are going to discuss the psychology surrounding social engineering, and in particular, the four qualities that social engineers abuse and […]


Approaches to Information Gathering in Physical Penetration Testing – Part I: Gathering Information via Photography

1. Introduction
The first phase of an attack, and in a security assessment, is to gather as much data on the target as possible. It is actually considered one of […]


Improving the Human Firewall


Most likely you will agree that security education is the thing that needs enhancement the most in companies worldwide – it is pointless to expend millions of dollars on […]


Windows Systems and Artifacts in Digital Forensics: Part III: Prefetch Files

1. Introduction
In this article, I’m going to focus on prefetch files, specifically, their characteristics, structure, points of interest in terms of forensic importance, uses, configuration, forensic value and metadata.

For […]


Windows Systems and Artifacts in Digital Forensics, Part II

For Part I of this series, please visit this page: http://resources.infosecinstitute.com/windows-systems-and-artifacts-in-digital-forensics-part-i-registry/

This article begins with event logs and discusses their headers’ structure and the structure of their building blocks—the headers […]


Windows Systems and Artifacts in Digital Forensics, Part I: Registry

Learning about artifacts in Windows is crucial for digital forensics examiners, as Windows accounts for most of the traffic in the world (91.8 of traffic comes from computers using […]


Keyloggers: How They Work and More

Below is a graphic that enumerates some methods of password pilfering, which serves as an introduction to the matter discussed:

1. Introduction

In this article, we will be discussing mainly software […]


Means and Methods of Web Tracking: Its effects on privacy and ways to avoid getting tracked

1. Introduction

Below, we will discuss the reasons that incited people, businesses and governmental agencies to employ web tracking, detailed and basic methods of avoiding web tracking, and various types […]


Guiding Principles in Information Security

1. Introduction

A principle which is a core requirement of information security for the safe utilization, flow, and storage of information is the CIA triad. CIA stands for confidentiality, integrity, […]

Voice Phishing

Phishing Techniques: Similarities, Differences, and Trends: Part III: Vishing

For Part I, which discusses Mass Phishing and which sets the objects of examination in this paper, please check here.

For Part II, which discusses Targeted Phishing, please check here.


Vishing […]


Phishing Techniques: Similarities, Differences and Trends – Part II: Targeted Phishing

For Part I, which discusses Mass Phishing and sets the objects of examination in this paper, please check http://resources.infosecinstitute.com/phishing-techniques-similarities-differences-and-trends-part-i-mass-phishing/.


Spear-phishing is a technique by which a cyber-criminal falsely presents himself […]


Phishing Techniques: Similarities, Differences and Trends – Part I: (Mass) Phishing


The term “phishing” actually originated from the word fishing because the manner of attack defined by the term resembled fishing ever since its early invention. Namely, the criminal sets […]


Facebook malware: How do they work, how to protect yourself against them and what to do if you get infected

1. Introduction

Social media’s history precedes the 21st century, and ever since then malevolent people have attempted to infiltrate the computers of innocent people using these media in hope of […]


Domain Name Hijacking – Domain Slamming

Domain slamming – what is it and how did it emerge

The term domain slamming is derived from telephone slamming, a dishonest practice which telephone companies make you unknowingly change […]