Dailydave mailing list archives

Re: Book Reviews

From: Eric Schultz <fire0088 () gmail com>
Date: Tue, 11 Oct 2016 11:45:35 -0400

"You cannot deface websites with cross-site-scripting"

You can with stored cross site scripting.

You if the app is also vulnerable to cross site request forgery.

You can if you steal a privileged session and you have network access.

-Eric

On Oct 10, 2016 11:24 AM, "Dave Aitel" <dave.aitel () gmail com> wrote:

2 Book Reviews in this post.

1. Lab Girl
<https://www.amazon.com/Lab-Girl-Hope-Jahren-ebook/dp/B00Z3FYQS4/ref=tmm_kin_swatch_0?_encoding=UTF8&qid=1476112205&sr=8-1>
 :
Probably the best book I've read all year. Immediately go and purchase and
read this. Speaks well to the hacker spirit, but is written like poetry.

2. http://cybersecpolitics.blogspot.com/2016/10/book-
review-cyber-war-vs-cyber-realities.html - Read my review please, but
don't buy the book. :) I masochistically read these books because if you
don't publicly review them, they filter into things people "know" about
cyber war strategy, and make for very painful policy meetings and Wassenaar
like things. People who write these sort of books need to write them
knowing someone is going to read them with a critical eye.

-dave


_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Current thread:

Book Reviews Dave Aitel (Oct 10)
- Re: Book Reviews Eric Schultz (Oct 11)
  - Re: Book Reviews Dave Aitel (Oct 11)
  - Re: Book Reviews Thomas Ptacek (Oct 11)
    - Re: Book Reviews JJ Gray (Oct 12)