Skip to main content

Navigation

Catalogue

Security Awareness Privacy & Compliance AI & LLM Security Real-World Incidents
Application Security Soon
API Security Soon
Cloud Security Soon

Features

Interactive 3D Training SCORM Cloud LMS Human Risk Score Risk-Based Automation Integrations All features

Simulations

Phishing Simulations Smishing Simulations
Vishing Simulations Soon

Company

Partners About Us Blog Data Sheet PDF

Legal

Security & Compliance Privacy Policy Terms of Service
English Українська
Book a Demo

Open-Source Security Awareness Training

Download 100+ interactive security awareness modules as SCORM packages, free and open under Creative Commons. Import phishing, ransomware, GDPR, and AI-threat courses straight into your own LMS. Free for non-commercial use under CC BY-NC, no signup required.

Get the packages on GitHub Play the exercises first
Open-source security awareness training repository on GitHub, with SCORM packages importing into any LMS, watched over by the RansomLeak sentinel owl
100+
Interactive modules
14
Topic categories
$0
Free, non-commercial
Any LMS
SCORM-ready import

What is open-source security awareness training?

Open-source security awareness training is employee cybersecurity education whose content is published openly, free to download, use, and adapt, rather than locked inside a paid vendor platform. Most of it ships as SCORM packages, so any organization can import the courses into its own learning management system (LMS).

RansomLeak publishes 100+ such modules on GitHub under a Creative Commons license (CC BY-NC 4.0). They cover phishing, ransomware, GDPR, passwords, device security, and AI threats like prompt injection, each as a self-contained, interactive 3D scenario rather than a slideshow.

The appeal is practical. Verizon's 2024 Data Breach Investigations Report attributes 68% of breaches to a human element, so the demand for accessible training is high. The library is free for non-commercial use, so individuals, educators, and non-profits can learn from and adapt it freely; for commercial or enterprise rollouts, organizations license the hosted RansomLeak platform.

What's inside the open-source library

Every module is a hands-on, first-person scenario set in an interactive 3D office, not a video or a quiz deck. Take a full course package, or pull individual exercises to build your own curriculum.

Phishing & Impersonation

13 modules

Phishing, spear phishing, whaling, business email compromise, smishing, QR-code scams, and tech-support fraud.

GDPR Compliance

11 modules

Consent, breach response, processor vetting, data protection impact assessments, and data subject access requests.

OWASP Top 10 for LLM Applications

10 modules

Prompt injection, sensitive data disclosure, and the other LLM-specific risks every AI-using team should know.

OWASP Top 10 for Agentic Applications

10 modules

Goal hijacking, tool misuse, and code injection aimed at autonomous AI agents.

Device Security

8 modules

Ransomware, USB attacks, backups, encryption, patching, Bluetooth, and risky file extensions.

Passwords & Account Security

7 modules

Password managers, multi-factor authentication, credential stuffing, privileged access, and account recovery.

Web & Browser Safety

6 modules

HTTPS, safe downloads, typosquatting, autofill risks, browser extensions, and push notifications.

Safe Communication & Sharing

6 modules

Social media, cloud sharing, OAuth permissions, and secure messaging habits.

Workplace Security

5 modules

Insider threats, shadow IT, and everyday collaboration hygiene.

Security Policies & Your Role

5 modules

Audit mindset, individual responsibilities, and reading the policy that applies to you.

Protecting Sensitive Information

3 modules

Data leakage, classification, identity theft, and sharing records safely.

Remote & Home Office Security

2 modules

VPN usage and securing the home router your team works behind.

Incident Reporting

2 modules

How and when to report, and how to build a culture where people speak up.

Real-World Incidents

2 modules

Case studies of the MGM Resorts breach and a OneNote email attack.

Why teams choose open-source SCORM training

Free hosted tools keep your training on the vendor's platform. Downloadable SCORM packages put it on yours.

You own the content

Download the packages once and keep them. No subscription, no renewal, and no vendor switch that wipes out your library.

Free for non-commercial use

Personal study, classrooms, non-profits, and evaluating the content cost nothing under CC BY-NC. For commercial or enterprise rollouts, the platform handles licensing.

Runs in your LMS

Each module is a standard SCORM package. Import it into Moodle, Workday, Cornerstone, or SAP SuccessFactors, or test on SCORM Cloud first.

Fully white-labeled

No RansomLeak logos, no backlinks, and no signup walls. Add your own branding for classroom, community, and non-profit programs.

Interactive, not slideshows

Every exercise is a first-person 3D scenario where employees make decisions, so they finish the module and remember it.

Covers modern threats

Beyond phishing and passwords, the library covers GDPR and AI risks like prompt injection that most free training skips.

How to deploy the free SCORM packages

You can have a real course running in your LMS in about ten minutes. No code, no API work, no IT ticket.

  1. 1

    Download from GitHub

    Clone or download the repository. Take a full course package from the root, or individual exercises from the Individual Exercises folder.

  2. 2

    Import into your LMS

    Upload the SCORM .zip the same way you add any course. Most teams test on SCORM Cloud first to confirm it plays and tracks.

  3. 3

    Brand and assign

    Add your logo if you want, set the pass threshold, and assign modules to teams or roles.

  4. 4

    Track completion

    Your LMS records completion, scores, and time spent automatically, so you have the evidence auditors ask for.

Open-source SCORM vs other free options

There are three common ways to get security awareness training at no cost. Here is how downloadable SCORM packages compare to hosted free tools and to building your own decks.

Open-source SCORM (this library) Free hosted tools Generic slides and PDFs
Where it runs Your own LMS, offline-capable The vendor's platform Wherever you paste them
Cost at scale $0 for non-commercial use Free tier with seat or feature caps $0, but you build it all
You own it Yes, downloaded and yours No, hosted by the vendor Yes
Completion tracking Through your LMS (SCORM) In the vendor dashboard Manual
Format Interactive 3D scenarios Mostly video and quizzes Static reading
White-label Yes, no logos or backlinks Usually vendor-branded Yes
Modern AI threats Yes, LLM and agent risks Sometimes Rarely
Commercial / enterprise use License the platform Per the vendor's terms Varies

License and attribution

The library is published under Creative Commons Attribution-NonCommercial 4.0 (CC BY-NC 4.0). The NonCommercial term is the important one. In plain terms:

  • Free for non-commercial use: personal study, education, non-profit and community programs, and evaluating the content before you buy.
  • Keep a credit to RansomLeak whenever you share, adapt, or publish the content.
  • Do not resell or redistribute the modules as a standalone product.
  • Not licensed for commercial or enterprise deployment. To roll the training out across a company, license the RansomLeak platform.

Ready-to-use attribution:

Security awareness training by RansomLeak (ransomleak.com), licensed CC BY-NC 4.0.

When you outgrow self-hosting

The open-source library is for non-commercial use. For commercial and enterprise rollouts, the RansomLeak platform licenses the same exercises and adds the operations layer on top.

Automated phishing and smishing simulations tied to the right training
A Human Risk Score for every employee and team
SSO, SCIM provisioning, and SIEM export
New content every month and reporting your auditors accept
See the full platform Phishing Simulations

Frequently Asked Questions

Is open-source security awareness training really free?

Yes, for non-commercial use. RansomLeak publishes 100+ security awareness modules on GitHub at no cost and with no signup. You download the SCORM packages and run them in your own LMS.

They are licensed under Creative Commons CC BY-NC 4.0: free for personal, educational, and non-profit use, as long as you keep the attribution and do not resell the content. Commercial and enterprise use is licensed separately through the platform.

What does the CC BY-NC 4.0 license allow?

It allows non-commercial use: personal study, education, and non-profit or community training, plus evaluating the content. Attribution to RansomLeak is required whenever you share or adapt it.

The NonCommercial term means it is not licensed for commercial or enterprise use, and you cannot resell or repackage it as a product. For commercial rollouts, license the platform.

Can I use the training for my own company's employees?

For non-commercial settings, yes: a non-profit, a school, or your own personal upskilling, for example. For a commercial or enterprise organization, company-wide deployment falls outside the CC BY-NC non-commercial license.

To run the training across a for-profit company, with reporting and completion tracking, license the RansomLeak platform. You can still download the packages first to evaluate the content.

Which LMS does it work with?

Any LMS that supports SCORM. Teams import these packages into Moodle, Workday, Cornerstone, SAP SuccessFactors, Docebo, Canvas, and many others.

See the full SCORM and LMS compatibility details, or test a package on SCORM Cloud before you roll it out.

Is it SCORM 1.2 or SCORM 2004?

Each exercise is a standard SCORM .zip that imports into any SCORM 1.2 or 2004 compatible LMS, which is nearly every modern platform.

If you need a specific version, the RansomLeak platform can export modules as SCORM 1.2 or SCORM 2004.

How many modules and topics are included?

The library has 100+ interactive modules across 14 categories, including phishing and impersonation, GDPR, device security, passwords, and the OWASP Top 10 for LLM and agentic applications.

You can take a full course package per topic, or pick individual exercises to assemble your own curriculum.

What languages is the open-source library in?

The open-source packages are in English. The RansomLeak platform also offers training in Ukrainian, Dutch, Italian, and German, with more languages on request.

Do I have to credit RansomLeak?

Yes. Attribution is required under CC BY-NC 4.0, along with keeping use non-commercial. A simple credit line works: "Security awareness training by RansomLeak (ransomleak.com), licensed CC BY-NC 4.0."

How is this different from free training from KnowBe4 or Wizer?

Those are free tiers hosted on the vendor's own platform, where the content stays with the vendor. This library is downloadable: you own the SCORM packages and run them inside your own LMS, fully white-labeled.

If you are weighing vendors, see our KnowBe4 alternatives comparison.

What is the difference between open-source and free training?

Free means no cost. Open-source, as used here, means the content is published openly so you can download it, adapt it, and host it yourself. The RansomLeak library is both.

See RansomLeak in Action

Try the free exercises or book a demo to see analytics, SCORM export, SSO, and custom content in your environment.

Request Demo Try Free Exercises