From 0b81ea1ea172b12b8886cde661bf5d8594e7dad8 Mon Sep 17 00:00:00 2001 From: cpholguera Date: Fri, 29 Oct 2021 17:34:11 +0200 Subject: [PATCH 1/7] Upgrade Link Checker --- .github/workflows/checkLinks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/checkLinks.yml b/.github/workflows/checkLinks.yml index 33465150f3..c53b25411f 100644 --- a/.github/workflows/checkLinks.yml +++ b/.github/workflows/checkLinks.yml @@ -17,7 +17,7 @@ jobs: with: fetch-depth: 1 - name: link-check - uses: gaurav-nelson/github-action-markdown-link-check@820c0581641b6e2fb34ae4d5f93ef4d841fb37e6 + uses: gaurav-nelson/github-action-markdown-link-check@v1 with: use-quiet-mode: 'yes' use-verbose-mode: 'yes' From 1aaceb3a72c10d80fdf44cc491a32eb3cba7a2ed Mon Sep 17 00:00:00 2001 From: cpholguera Date: Fri, 29 Oct 2021 18:16:00 +0200 Subject: [PATCH 2/7] fix links --- Document/0x06a-Platform-Overview.md | 2 +- Document/0x06b-Basic-Security-Testing.md | 2 +- Document/0x08-Testing-Tools.md | 2 +- style_guide.md | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Document/0x06a-Platform-Overview.md b/Document/0x06a-Platform-Overview.md index 4152d83f31..693709981f 100644 --- a/Document/0x06a-Platform-Overview.md +++ b/Document/0x06a-Platform-Overview.md @@ -129,7 +129,7 @@ A language.lproj folder exists for each language that the application supports. ![OWASP MSTG](Images/Chapters/0x06a/iOS_project_folder.png) \ -On a jailbroken device, you can recover the IPA for an installed iOS app using different tools that allow decrypting the main app binary and reconstruct the IPA file. Similarly, on a jailbroken device you can install the IPA file with [IPA Installer](https://github.com/autopear/ipainstaller "IPA Installer"). During mobile security assessments, developers often give you the IPA directly. They can send you the actual file or provide access to the development-specific distribution platform they use, e.g., [HockeyApp](https://hockeyapp.net/ "HockeyApp") or [TestFlight](https://developer.apple.com/testflight/ "TestFlight"). +On a jailbroken device, you can recover the IPA for an installed iOS app using different tools that allow decrypting the main app binary and reconstruct the IPA file. Similarly, on a jailbroken device you can install the IPA file with [IPA Installer](https://github.com/autopear/ipainstaller "IPA Installer"). During mobile security assessments, developers often give you the IPA directly. They can send you the actual file or provide access to the development-specific distribution platform they use, e.g. [TestFlight](https://developer.apple.com/testflight/ "TestFlight"). ### App Permissions diff --git a/Document/0x06b-Basic-Security-Testing.md b/Document/0x06b-Basic-Security-Testing.md index 5242adf36c..841db43f91 100644 --- a/Document/0x06b-Basic-Security-Testing.md +++ b/Document/0x06b-Basic-Security-Testing.md @@ -24,7 +24,7 @@ The UDID is a 40-digit unique sequence of letters and numbers to identify an iOS ![OWASP MSTG](Images/Chapters/0x06b/UDID-Finder.png) \ -If you are using a macOS version before Catalina, you can find the [UDID of your iOS device via iTunes](https://www.iclarified.com/52179/how-to-find-your-iphones-udid "How to Find Your iPhone\'s UDID"), by selecting your device and clicking on "Serial Number" in the summary tab. When clicking on this you will iterate through different metadata of the iOS device including its UDID. +If you are using a macOS version before Catalina, you can find the [UDID of your iOS device via iTunes](https://medium.com/@igor_marques/how-to-find-an-iphones-udid-2d157f1cf2b9 "How to Find Your iPhone\'s UDID"), by selecting your device and clicking on "Serial Number" in the summary tab. When clicking on this you will iterate through different metadata of the iOS device including its UDID. It is also possible to get the UDID via various command line tools on macOS while the device is attached via USB: diff --git a/Document/0x08-Testing-Tools.md b/Document/0x08-Testing-Tools.md index 2c1064a252..b55e91fb76 100644 --- a/Document/0x08-Testing-Tools.md +++ b/Document/0x08-Testing-Tools.md @@ -1341,7 +1341,7 @@ A tool that loads arbitrary dylibs into running App Store apps. It has built-in ### BinaryCookieReader -A tool to dump all the cookies from the binary Cookies.binarycookies file - +A tool to dump all the cookies from the binary Cookies.binarycookies file - ### Burp Suite Mobile Assistant diff --git a/style_guide.md b/style_guide.md index 71f610f7ec..c8c312b197 100644 --- a/style_guide.md +++ b/style_guide.md @@ -214,13 +214,13 @@ When using (A), be sure to escape special characters such as apostrophe (\') or **Wrong** usage, see "iPhone's": ```markdown -[UDID of your iOS device via iTunes](http://www.iclarified.com/52179/how-to-find-your-iphones-udid "How to Find Your iPhone's UDID") +[UDID of your iOS device via iTunes](https://medium.com/@igor_marques/how-to-find-an-iphones-udid-2d157f1cf2b9 "How to Find Your iPhone's UDID") ``` **Right** usage, see "iPhone\'s": ```markdown -[UDID of your iOS device via iTunes](http://www.iclarified.com/52179/how-to-find-your-iphones-udid "How to Find Your iPhone\'s UDID") +[UDID of your iOS device via iTunes](https://medium.com/@igor_marques/how-to-find-an-iphones-udid-2d157f1cf2b9 "How to Find Your iPhone\'s UDID") ``` When adding links to the **"References"** section at the end of the chapters use `- Title - `, for example: From 3799eef93241515d91efe42cb44fe67326df0241 Mon Sep 17 00:00:00 2001 From: cpholguera Date: Fri, 29 Oct 2021 18:18:37 +0200 Subject: [PATCH 3/7] rename checks --- .github/workflows/checkLinks.yml | 2 +- .github/workflows/checkLint.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/checkLinks.yml b/.github/workflows/checkLinks.yml index c53b25411f..c0bc0e549c 100644 --- a/.github/workflows/checkLinks.yml +++ b/.github/workflows/checkLinks.yml @@ -1,4 +1,4 @@ -name: Check Markdown Links +name: URLs Checker on: push: diff --git a/.github/workflows/checkLint.yml b/.github/workflows/checkLint.yml index f9782ffaa4..bc6f7771dc 100644 --- a/.github/workflows/checkLint.yml +++ b/.github/workflows/checkLint.yml @@ -1,4 +1,4 @@ -name: Check Markdown Markup +name: Markdown Linter on: [push, pull_request] From a63547ae398f66734f3b89dfcd30b23270cd6740 Mon Sep 17 00:00:00 2001 From: cpholguera Date: Fri, 29 Oct 2021 18:26:17 +0200 Subject: [PATCH 4/7] add 403 alive --- .github/workflows/config/mlc_config.json | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/config/mlc_config.json b/.github/workflows/config/mlc_config.json index 5165f76a3b..2f95a3a402 100644 --- a/.github/workflows/config/mlc_config.json +++ b/.github/workflows/config/mlc_config.json @@ -47,5 +47,6 @@ ], "retryOn429": true, "fallbackRetryDelay": "30s", + "aliveStatusCodes": [403], "see": "https://github.com/tcort/markdown-link-check#config-file-format" } \ No newline at end of file From 93a637a0bde7693dc3f2d49bf2a3b8279b01f90b Mon Sep 17 00:00:00 2001 From: cpholguera Date: Fri, 29 Oct 2021 18:39:05 +0200 Subject: [PATCH 5/7] add 200 alive code --- .github/workflows/config/mlc_config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/config/mlc_config.json b/.github/workflows/config/mlc_config.json index 2f95a3a402..a4fc18ae86 100644 --- a/.github/workflows/config/mlc_config.json +++ b/.github/workflows/config/mlc_config.json @@ -47,6 +47,6 @@ ], "retryOn429": true, "fallbackRetryDelay": "30s", - "aliveStatusCodes": [403], + "aliveStatusCodes": [200, 403], "see": "https://github.com/tcort/markdown-link-check#config-file-format" } \ No newline at end of file From c5a96fec8e3fcef807b1f61288085c089f74eba0 Mon Sep 17 00:00:00 2001 From: cpholguera Date: Sat, 30 Oct 2021 00:18:22 +0200 Subject: [PATCH 6/7] Update mlc_config.json --- .github/workflows/config/mlc_config.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/config/mlc_config.json b/.github/workflows/config/mlc_config.json index a4fc18ae86..e9fd4a959b 100644 --- a/.github/workflows/config/mlc_config.json +++ b/.github/workflows/config/mlc_config.json @@ -47,6 +47,6 @@ ], "retryOn429": true, "fallbackRetryDelay": "30s", - "aliveStatusCodes": [200, 403], + "see": "https://github.com/tcort/markdown-link-check#config-file-format" -} \ No newline at end of file +} From a6040eff1fae406f92a4c3631438a0f7a70f5a4c Mon Sep 17 00:00:00 2001 From: cpholguera Date: Mon, 1 Nov 2021 22:42:12 +0100 Subject: [PATCH 7/7] add 2 exclusions to mlc --- .github/workflows/config/mlc_config.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/config/mlc_config.json b/.github/workflows/config/mlc_config.json index 7a9293386a..4426a08965 100644 --- a/.github/workflows/config/mlc_config.json +++ b/.github/workflows/config/mlc_config.json @@ -32,6 +32,12 @@ }, { "pattern": "^https://manualzz.com" + }, + { + "pattern": "^https://www.verticalstructure.com" + }, + { + "pattern": "^https://support.virustotal.com" } ], "httpHeaders": [