User Controls

Infosec/Compsci e-books.

  1. #1
    Sophie Pedophile Tech Support
    Anyway, i've aquired some interesting resources and was wondering if ya'll would be interested in aquiring some as well. Take a pick and i'll upload the e-books of your choice for you.

  2. #2
    SBTlauien African Astronaut
    I have quite a few of these but I've only read most of the way through the second to last. I haven't even really got into Python much.

    I'd like NSA Securing Linux please.

    Have you read through all of these?
  3. #3
    Sophie Pedophile Tech Support
    I have quite a few of these but I've only read most of the way through the second to last. I haven't even really got into Python much.

    I'd like NSA Securing Linux please.

    Have you read through all of these?

    No not at all, i've read black hat python and grey hat python skimmed through the pentesting one and am at about page 300 or so of the web pplications hackers handbook and i'm reading the bash cookbook as well to familiarize myself intimately with bash and linux in general. The rest of them came recommended by a sec minded buddy of mine so i figured i'd get them. Plus, i think malware is fascinating which is why i also got the kernel exploitation books. Any place you'd prefer me to upload the e-book in question?
  4. #4
    LiquidIce Houston
    The problem I've had with these books is that they're beasts in terms of size and each one takes 1-6 weeks of reading combined with practicing. Like the Web Application Hacker's Handbook - fucking amazing, thorough, and well written, but I'd get lost in it if I wasn't taking notes and trying some of the shit out on DVWB or OWASP's RailsGoat.
  5. #5
    SBTlauien African Astronaut
    Any place you'd prefer me to upload the e-book in question?

    ​Angelfire please.

    The problem I've had with these books is that they're beasts in terms of size and each one takes 1-6 weeks of reading combined with practicing. Like the Web Application Hacker's Handbook - fucking amazing, thorough, and well written, but I'd get lost in it if I wasn't taking notes and trying some of the shit out on DVWB or OWASP's RailsGoat.

    Yeah, that one was a big one. I never did finish it completely. You practically have to download the tools and do a little bit of 'action' to stay interested. But it kept me interested.

    Roughly what percentage of internet hacking would you say is web application based?
  6. #6
    LiquidIce Houston
    Yeah, that one was a big one. I never did finish it completely. You practically have to download the tools and do a little bit of 'action' to stay interested. But it kept me interested.

    Roughly what percentage of internet hacking would you say is web application based?

    Yeah, I did the whole messing around with tools thing. Helped retain the material. That's a really tough question, especially since I've moved away from infosec (temporarily). If by "web application" you mean "anything that serves or consumes HTTP" then a fucking ton

    We got the popular stuff like XSS, with SQLi and CSRF stuff a little further behind. Then there's everything that's related to fucked up application logic ie. file upload forms that enable XSS or remote file access or bad authentication/authorization schemes. I guess we could classify all the "open wide to the internet" technologies ie. redis/elasticsearch/mongo that serve HTTP on 0.0.0.0 or other crazy insecure defaults (http://blog.binaryedge.io/2015/08/10/data-technologies-and-security-part-1/). IoT also expose a bunch of HTTP services (http://betanews.com/2015/10/10/hackers-exploit-serious-unpatched-netgear-router-dns-vulnerability/) and these services are all web applications of some sort - even if it's just static html + basic auth.



  7. #7
    Sophie Pedophile Tech Support
    ​Angelfire please.

    Nigga'i ain't getting angelfire FTP hosting bullshit, here's a vola https://volafile.io/r/q2kF5-

    Expires in 2 days so hurry up. Lol.
Jump to Top