Markdown Linting - Source Code, JWT, RMI, LDAP, LaTeX

Author: swisskyrepo

Diff for: Insecure Source Code Management/Bazaar.md

@@ -2,20 +2,19 @@
 
 > Bazaar  (also known as bzr ) is a free, distributed version control system (DVCS) that helps you track project history over time and collaborate seamlessly with others. Developed by Canonical, Bazaar emphasizes ease of use, a flexible workflow, and rich features to cater to both individual developers and large teams.
 
-
 ## Summary
 
 * [Tools](#tools)
     * [rip-bzr.pl](#rip-bzrpl)
     * [bzr_dumper](#bzr_dumper)
 * [References](#references)
 
-
 ## Tools
 
 ### rip-bzr.pl
 
 * [kost/dvcs-ripper/rip-bzr.pl](https://raw.githubusercontent.com/kost/dvcs-ripper/master/rip-bzr.pl)
+
     ```powershell
     docker run --rm -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-bzr.pl -v -u
     ```
@@ -50,4 +49,4 @@ bzr revert
 
 ## References
 
-- [STEM CTF Cyber Challenge 2019 – My First Blog - m3ssap0 / zuzzur3ll0n1 - March 2, 2019](https://ctftime.org/writeup/13380)
+* [STEM CTF Cyber Challenge 2019 – My First Blog - m3ssap0 / zuzzur3ll0n1 - March 2, 2019](https://ctftime.org/writeup/13380)

Diff for: Insecure Source Code Management/Mercurial.md

@@ -2,24 +2,22 @@
 
 > Mercurial  (also known as hg  from the chemical symbol for mercury) is a distributed version control system (DVCS) designed for efficiency and scalability. Developed by Matt Mackall and first released in 2005, Mercurial is known for its speed, simplicity, and ability to handle large codebases.
 
-
 ## Summary
 
 * [Tools](#tools)
     * [rip-hg.pl](#rip-hgpl)
 * [References](#references)
 
-
 ## Tools
 
 ### rip-hg.pl
 
 * [kost/dvcs-ripper/master/rip-hg.pl](https://raw.githubusercontent.com/kost/dvcs-ripper/master/rip-hg.pl) - Rip web accessible (distributed) version control systems: SVN/GIT/HG...
+
     ```powershell
     docker run --rm -it -v /path/to/host/work:/work:rw k0st/alpine-dvcs-ripper rip-hg.pl -v -u
     ```
 
-
 ## References
 
-* [my-chemical-romance - siunam - Feb 13, 2023](https://siunam321.github.io/ctf/LA-CTF-2023/Web/my-chemical-romance/)
+* [my-chemical-romance - siunam - Feb 13, 2023](https://siunam321.github.io/ctf/LA-CTF-2023/Web/my-chemical-romance/)

Diff for: Insecure Source Code Management/README.md

@@ -1,7 +1,6 @@
 # Insecure Source Code Management
 
-> Insecure Source Code Management (SCM) can lead to several critical vulnerabilities in web applications and services. Developers often rely on SCM systems like Git and Subversion (SVN) to manage their source code versions. However, poor security practices, such as leaving .git and .svn folders in production environments exposed to the internet, can pose significant risks. 
-
+> Insecure Source Code Management (SCM) can lead to several critical vulnerabilities in web applications and services. Developers often rely on SCM systems like Git and Subversion (SVN) to manage their source code versions. However, poor security practices, such as leaving .git and .svn folders in production environments exposed to the internet, can pose significant risks.
 
 ## Summary
 
@@ -13,21 +12,19 @@
 * [Labs](#labs)
 * [References](#references)
 
-
 ## Methodology
 
-Exposing the version control system folders on a web server can lead to severe security risks, including: 
+Exposing the version control system folders on a web server can lead to severe security risks, including:
 
-- **Source Code Leaks** : Attackers can download the entire source code repository, gaining access to the application's logic.
-- **Sensitive Information Exposure** : Embedded secrets, configuration files, and credentials might be present within the codebase.
-- **Commit History Exposure** : Attackers can view past changes, revealing sensitive information that might have been previously exposed and later mitigated.
-     
+* **Source Code Leaks** : Attackers can download the entire source code repository, gaining access to the application's logic.
+* **Sensitive Information Exposure** : Embedded secrets, configuration files, and credentials might be present within the codebase.
+* **Commit History Exposure** : Attackers can view past changes, revealing sensitive information that might have been previously exposed and later mitigated.
 
-The first step is to gather information about the target application. This can be done using various web reconnaissance tools and techniques. 
+The first step is to gather information about the target application. This can be done using various web reconnaissance tools and techniques.
 
 * **Manual Inspection** : Check URLs manually by navigating to common SCM paths.
-    * http://target.com/.git/
-    * http://target.com/.svn/
+    * Git: `http://target.com/.git/`
+    * SVN: `http://target.com/.svn/`
 
 * **Automated Tools** : Refer to the page related to the specific technology.
 
@@ -41,14 +38,12 @@ location /.git {
 }
 ```
 
-For example in Git, the exploitation technique doesn't require to list the content of the `.git` folder (http://target.com/.git/), the data extraction can still be conducted when files can be read.
-
+For example in Git, the exploitation technique doesn't require to list the content of the `.git` folder (`http://target.com/.git/`), the data extraction can still be conducted when files can be read.
 
 ## Labs
 
 * [Root Me - Insecure Code Management](https://www.root-me.org/fr/Challenges/Web-Serveur/Insecure-Code-Management)
 
-
 ## References
 
-- [Hidden directories and files as a source of sensitive information about web application - Apr 30, 2017](https://github.com/bl4de/research/tree/master/hidden_directories_leaks)
+* [Hidden directories and files as a source of sensitive information about web application - Apr 30, 2017](https://github.com/bl4de/research/tree/master/hidden_directories_leaks)

Diff for: Insecure Source Code Management/Subversion.md

@@ -1,6 +1,6 @@
 # Subversion
 
-> Subversion  (often abbreviated as SVN) is a centralized version control system (VCS) that has been widely used in the software development industry. Originally developed by CollabNet Inc. in 2000, Subversion was designed to be an improved version of CVS (Concurrent Versions System) and has since gained significant traction for its robustness and reliability. 
+> Subversion  (often abbreviated as SVN) is a centralized version control system (VCS) that has been widely used in the software development industry. Originally developed by CollabNet Inc. in 2000, Subversion was designed to be an improved version of CVS (Concurrent Versions System) and has since gained significant traction for its robustness and reliability.
 
 ## Summary
 
@@ -10,7 +10,8 @@
 
 ## Tools
 
-* [anantshri/svn-extractor](https://github.com/anantshri/svn-extractor) - Simple script to extract all web resources by means of .SVN folder exposed over network. 
+* [anantshri/svn-extractor](https://github.com/anantshri/svn-extractor) - Simple script to extract all web resources by means of .SVN folder exposed over network.
+
     ```powershell
     python svn-extractor.py --url "url with .svn available"
     ```
@@ -21,11 +22,12 @@
 curl http://blog.domain.com/.svn/text-base/wp-config.php.svn-base
 ```
 
-1. Download the svn database from http://server/path_to_vulnerable_site/.svn/wc.db
+1. Download the svn database from `http://server/path_to_vulnerable_site/.svn/wc.db`
+
     ```powershell
     INSERT INTO "NODES" VALUES(1,'trunk/test.txt',0,'trunk',1,'trunk/test.txt',2,'normal',NULL,NULL,'file',X'2829',NULL,'$sha1$945a60e68acc693fcb74abadb588aac1a9135f62',NULL,2,1456056344886288,'bl4de',38,1456056261000000,NULL,NULL);
     ```
-    
+
 2. Download interesting files
     * remove `$sha1$` prefix
     * add `.svn-base` postfix
@@ -34,4 +36,4 @@ curl http://blog.domain.com/.svn/text-base/wp-config.php.svn-base
 
 ## References
 
-- [SVN Extractor for Web Pentesters - Anant Shrivastava - March 26, 2013](http://blog.anantshri.info/svn-extractor-for-web-pentesters/)
+* [SVN Extractor for Web Pentesters - Anant Shrivastava - March 26, 2013](http://blog.anantshri.info/svn-extractor-for-web-pentesters/)