9-5-2v2

Articles/st27_ExploitWeekIntro.md

@@ -7,7 +7,7 @@ lab and do some hacking.
 > This is a pretty hardcore week, we will be looking at (and
 > performing) real exploits of vulnerable services.  However, you won't
 > need any specialist tools or knowledge, just a web browser and a bit
-> of thought.
+> of thought. [LD comment: Perhaps an additional comment such as: 'Some of this may be challenging to digest as you navigate through the material; however, rest assured, we'll explore the practical side of this content in the lab session]()
 
 ## Intro to the Exploits
 

Articles/st28_XSS.md

@@ -131,7 +131,7 @@ This would use the payload: [LD comment: 'payload'?]()
 
 
 Consider the [XSS Example](http://172.18.0.1/reflected_xss_get.php)
-from before. [LD comment: Which example are you referring to?]() We know the form takes a GET [LD comment: What's GET?]() request, then echoes it's
+from before. We know the form takes a GET [LD comment: What's GET?]() request, then echoes it's
 value back to the user. Consider what would happen if we could trick
 the user into clicking the following URL.
 

Articles/st36_CaseStudyIntro.md

@@ -17,7 +17,7 @@ While legislation around Cyber security is similar around the world, there are d
 
  - Taking Europe as a baseline, the laws are consistent between
    European countries, as they have to align with European Directives
- - In other jurisdictions may be stricter, or less strict.[LD comment: Perhaps better worded as 'Laws vary in levels of strictness in other jurisdictions.']()
+ - Other jurisdictions may be stricter or less strict.
  - Laws may have similar objectives but different technicalities:
     - Computer Crime and Abuse Act 1996 (USA)
 	- Euro Directive on Attacks against information systems 2013