From 9e5bccad5677f3a929aa3f709e34d5dd642d10fc Mon Sep 17 00:00:00 2001
From: forgedhallpass <13679401+forgedhallpass@users.noreply.github.com>
Date: Wed, 25 Sep 2024 23:58:03 +0300
Subject: [PATCH] Removed HTML characters from the YAML content

---
 .../T0100 - Discover naming conventions.yaml     |  8 ++++----
 .../T0101 - Discover technology stacks.yaml      |  8 ++++----
 ...- Discover used open-source dependencies.yaml |  6 +++---
 ...0103 - Scan public artifacts for secrets.yaml |  8 ++++----
 .../T0104 - Discover coding flaws.yaml           |  6 +++---
 .../techniques/T0105 - Active scanning.yaml      |  6 +++---
 ...- Scan configuration on public resources.yaml |  6 +++---
 ...0107 - Discover internal artifacts names.yaml |  8 ++++----
 .../T0108 - Accounts in public registry.yaml     | 16 ++++++++--------
 .../T0109 - Publish malicious artifact.yaml      | 14 +++++++-------
 .../T0110 - Advertise malicious artifact.yaml    | 10 +++++-----
 11 files changed, 48 insertions(+), 48 deletions(-)

diff --git a/content/oscar/techniques/T0100 - Discover naming conventions.yaml b/content/oscar/techniques/T0100 - Discover naming conventions.yaml
index bd3d7d8..db0b06d 100644
--- a/content/oscar/techniques/T0100 - Discover naming conventions.yaml	
+++ b/content/oscar/techniques/T0100 - Discover naming conventions.yaml	
@@ -11,10 +11,10 @@ realm:
 summary: Discover naming conventions
 
 description: |
-  &ensp;This technique involves analyzing the naming conventions used in container images, source code repositories, and other related artifacts.<br> 
-  &ensp;By examining the naming conventions, an attacker can gain insights into the technologies and frameworks used in the application, as well as potentially identifying weak spots or vulnerabilities that can be exploited.<br>
-  &ensp;For example, an attacker might use this technique to identify the specific version of a library or software component used in an application, which could then be cross-referenced with known vulnerabilities to determine if the application is at risk.<br> 
-  &ensp;Alternatively, an attacker might analyze naming conventions to determine the structure and organization of a codebase, which could aid in future attacks.
+  This technique involves analyzing the naming conventions used in container images, source code repositories, and other related artifacts.
+  By examining the naming conventions, an attacker can gain insights into the technologies and frameworks used in the application, as well as potentially identifying weak spots or vulnerabilities that can be exploited.
+  For example, an attacker might use this technique to identify the specific version of a library or software component used in an application, which could then be cross-referenced with known vulnerabilities to determine if the application is at risk.
+  Alternatively, an attacker might analyze naming conventions to determine the structure and organization of a codebase, which could aid in future attacks.
 
 mitigations: 
   - M1000
diff --git a/content/oscar/techniques/T0101 - Discover technology stacks.yaml b/content/oscar/techniques/T0101 - Discover technology stacks.yaml
index ba8255e..e4ea703 100644
--- a/content/oscar/techniques/T0101 - Discover technology stacks.yaml	
+++ b/content/oscar/techniques/T0101 - Discover technology stacks.yaml	
@@ -11,10 +11,10 @@ realm:
 summary: Discover technology stacks
 
 description: |
-  &ensp;This technique involves analyzing the technology stacks used in an application, such as programming languages, frameworks, libraries, and other related technologies.<br> 
-  &ensp;By identifying the specific technology stack used in an application, an attacker can gain insights into the potential vulnerabilities associated with that technology, as well as potential attack vectors and weak spots in the application.<br>
-  &ensp;For example, an attacker might use this technique to identify specific versions of a library or software component used in an application, which could then be cross-referenced with known vulnerabilities to determine if the application is at risk.<br> 
-  &ensp;Alternatively, an attacker might analyze the technology stack to determine the overall architecture of the application and identify potential attack vectors or weak spots.
+  This technique involves analyzing the technology stacks used in an application, such as programming languages, frameworks, libraries, and other related technologies.
+  By identifying the specific technology stack used in an application, an attacker can gain insights into the potential vulnerabilities associated with that technology, as well as potential attack vectors and weak spots in the application.
+  For example, an attacker might use this technique to identify specific versions of a library or software component used in an application, which could then be cross-referenced with known vulnerabilities to determine if the application is at risk.
+  Alternatively, an attacker might analyze the technology stack to determine the overall architecture of the application and identify potential attack vectors or weak spots.
 
 mitigations: 
   - M1000
diff --git a/content/oscar/techniques/T0102 - Discover used open-source dependencies.yaml b/content/oscar/techniques/T0102 - Discover used open-source dependencies.yaml
index ef395e0..06a549d 100644
--- a/content/oscar/techniques/T0102 - Discover used open-source dependencies.yaml	
+++ b/content/oscar/techniques/T0102 - Discover used open-source dependencies.yaml	
@@ -11,9 +11,9 @@ realm:
 summary: Discover used open-source dependencies
 
 description: |
-  &ensp;This technique involves identifying the open-source dependencies used in an application, such as third-party libraries, frameworks, and other related components.<br>
-  &ensp;By identifying the specific open-source dependencies used in an application, an attacker can gain insights into the potential vulnerabilities associated with those components, as well as potential attack vectors and weak spots in the application.<br>
-  &ensp;For example, an attacker might use this technique to identify specific versions of a vulnerable open-source library used in an application, which could then be exploited to gain unauthorized access to the application or the underlying system.
+  This technique involves identifying the open-source dependencies used in an application, such as third-party libraries, frameworks, and other related components.
+  By identifying the specific open-source dependencies used in an application, an attacker can gain insights into the potential vulnerabilities associated with those components, as well as potential attack vectors and weak spots in the application.
+  For example, an attacker might use this technique to identify specific versions of a vulnerable open-source library used in an application, which could then be exploited to gain unauthorized access to the application or the underlying system.
 
 mitigations: 
   - M1500
diff --git a/content/oscar/techniques/T0103 - Scan public artifacts for secrets.yaml b/content/oscar/techniques/T0103 - Scan public artifacts for secrets.yaml
index 00de6d2..8b70535 100644
--- a/content/oscar/techniques/T0103 - Scan public artifacts for secrets.yaml	
+++ b/content/oscar/techniques/T0103 - Scan public artifacts for secrets.yaml	
@@ -11,10 +11,10 @@ realm:
 summary: Scan public artifacts for secrets
 
 description: |
-  &ensp;This technique involves scanning publicly available artifacts, such as code repositories and container images, for sensitive information such as passwords, access keys, and other secrets.<br> 
-  &ensp;By scanning these artifacts, an attacker can gain unauthorized access to the application or underlying system and potentially cause significant damage.<br>
-  &ensp;For example, an attacker might use this technique to scan a public code repository for hardcoded passwords or access keys, which could then be used to gain unauthorized access to the application or the underlying system.<br> 
-  &ensp;Alternatively, an attacker might scan a public container image for sensitive information such as database credentials, which could be used to gain access to sensitive data.
+  This technique involves scanning publicly available artifacts, such as code repositories and container images, for sensitive information such as passwords, access keys, and other secrets.
+  By scanning these artifacts, an attacker can gain unauthorized access to the application or underlying system and potentially cause significant damage.
+  For example, an attacker might use this technique to scan a public code repository for hardcoded passwords or access keys, which could then be used to gain unauthorized access to the application or the underlying system.
+  Alternatively, an attacker might scan a public container image for sensitive information such as database credentials, which could be used to gain access to sensitive data.
 
 mitigations: 
   - M1120
diff --git a/content/oscar/techniques/T0104 - Discover coding flaws.yaml b/content/oscar/techniques/T0104 - Discover coding flaws.yaml
index c29d96c..59645c6 100644
--- a/content/oscar/techniques/T0104 - Discover coding flaws.yaml	
+++ b/content/oscar/techniques/T0104 - Discover coding flaws.yaml	
@@ -10,9 +10,9 @@ realm:
 summary: Discover coding flaws
 
 description: |
-  &ensp;This technique involves identifying coding flaws in an application's codebase, including vulnerabilities such as buffer overflows, race conditions, injection flaws, and other software bugs that can be exploited by attackers to gain unauthorized access or cause system disruption.<br>
-  &ensp;An attacker can use this technique to gain insight into potential weaknesses in the application's codebase and identify attack vectors that can be exploited in future attacks.<br> 
-  &ensp;By discovering coding flaws in an application, an attacker can develop a better understanding of the application's architecture and potential vulnerabilities.
+  This technique involves identifying coding flaws in an application's codebase, including vulnerabilities such as buffer overflows, race conditions, injection flaws, and other software bugs that can be exploited by attackers to gain unauthorized access or cause system disruption.
+  An attacker can use this technique to gain insight into potential weaknesses in the application's codebase and identify attack vectors that can be exploited in future attacks.
+  By discovering coding flaws in an application, an attacker can develop a better understanding of the application's architecture and potential vulnerabilities.
 
 mitigations: 
   - M1720
diff --git a/content/oscar/techniques/T0105 - Active scanning.yaml b/content/oscar/techniques/T0105 - Active scanning.yaml
index be4d155..25b3f57 100644
--- a/content/oscar/techniques/T0105 - Active scanning.yaml	
+++ b/content/oscar/techniques/T0105 - Active scanning.yaml	
@@ -9,9 +9,9 @@ realm:
 summary: Active scanning
 
 description: |
-  &ensp;This technique involves actively scanning an organization's cloud infrastructure for vulnerabilities and misconfigurations that can be exploited by attackers to gain unauthorized access or cause system disruption.<br>
-  &ensp;An attacker can use this technique to identify vulnerable assets within an organization's cloud infrastructure and develop an understanding of the target's attack surface.<br> 
-  &ensp;By conducting active scanning, an attacker can gather information about an organization's network topology, application architecture, and security controls, and use this information to plan and execute more effective attacks.
+  This technique involves actively scanning an organization's cloud infrastructure for vulnerabilities and misconfigurations that can be exploited by attackers to gain unauthorized access or cause system disruption.
+  An attacker can use this technique to identify vulnerable assets within an organization's cloud infrastructure and develop an understanding of the target's attack surface.
+  By conducting active scanning, an attacker can gather information about an organization's network topology, application architecture, and security controls, and use this information to plan and execute more effective attacks.
 
 mitigations: 
   - M1450
diff --git a/content/oscar/techniques/T0106 - Scan configuration on public resources.yaml b/content/oscar/techniques/T0106 - Scan configuration on public resources.yaml
index dfa6d83..c14cc44 100644
--- a/content/oscar/techniques/T0106 - Scan configuration on public resources.yaml	
+++ b/content/oscar/techniques/T0106 - Scan configuration on public resources.yaml	
@@ -10,9 +10,9 @@ realm:
 summary: Scan configuration on public resources
 
 description: |
-  &ensp;This technique involves scanning the configuration of public cloud resources and CI/CD pipelines for misconfigurations and vulnerabilities that can be exploited by attackers to gain unauthorized access or cause system disruption.<br>
-  &ensp;An attacker can use this technique to identify configuration weaknesses in an organization's cloud infrastructure and CI/CD pipelines, including weak authentication mechanisms, misconfigured security groups, and unsecured storage buckets.<br> 
-  &ensp;By scanning the configuration of public resources, an attacker can develop an understanding of the target's attack surface and identify vulnerabilities that can be exploited in future attacks.
+  This technique involves scanning the configuration of public cloud resources and CI/CD pipelines for misconfigurations and vulnerabilities that can be exploited by attackers to gain unauthorized access or cause system disruption.
+  An attacker can use this technique to identify configuration weaknesses in an organization's cloud infrastructure and CI/CD pipelines, including weak authentication mechanisms, misconfigured security groups, and unsecured storage buckets.
+  By scanning the configuration of public resources, an attacker can develop an understanding of the target's attack surface and identify vulnerabilities that can be exploited in future attacks.
 
 mitigations: 
   - M1000
diff --git a/content/oscar/techniques/T0107 - Discover internal artifacts names.yaml b/content/oscar/techniques/T0107 - Discover internal artifacts names.yaml
index a6361a2..2aabc27 100644
--- a/content/oscar/techniques/T0107 - Discover internal artifacts names.yaml	
+++ b/content/oscar/techniques/T0107 - Discover internal artifacts names.yaml	
@@ -10,10 +10,10 @@ realm:
 summary: Discover internal artifacts names
 
 description: |
-  &ensp;This technique involves searching for internal artifact names used in an organization's container images and SCM repositories. 
-  &ensp;Internal artifact names may include names of applications, libraries, and components used in the organization's container images or code repositories.<br>
-  &ensp;An attacker can use this technique to identify the types of technologies and software components used by an organization, which can help them to identify potential vulnerabilities and attack vectors.<br> 
-  &ensp;By discovering internal artifact names, an attacker can also gain insight into the organization's software development practices, and potentially identify development teams or individuals that are responsible for creating and maintaining specific applications or components.<br>
+  This technique involves searching for internal artifact names used in an organization's container images and SCM repositories. 
+  Internal artifact names may include names of applications, libraries, and components used in the organization's container images or code repositories.
+  An attacker can use this technique to identify the types of technologies and software components used by an organization, which can help them to identify potential vulnerabilities and attack vectors.
+  By discovering internal artifact names, an attacker can also gain insight into the organization's software development practices, and potentially identify development teams or individuals that are responsible for creating and maintaining specific applications or components.
 
 mitigations: 
   - M1001
diff --git a/content/oscar/techniques/T0108 - Accounts in public registry.yaml b/content/oscar/techniques/T0108 - Accounts in public registry.yaml
index f546c13..0f67b95 100644
--- a/content/oscar/techniques/T0108 - Accounts in public registry.yaml	
+++ b/content/oscar/techniques/T0108 - Accounts in public registry.yaml	
@@ -10,14 +10,14 @@ realm:
 summary: Accounts in public registry
 
 description: |
-  &ensp;An attacker can use accounts in public registries, such as PyPI or DockerHub, to perform a supply chain attack in several ways.<br> 
-  &ensp;One approach is to compromise the credentials of a legitimate developer account and use it to upload malicious packages or container images.<br> 
-  &ensp;The attacker can then promote the malicious artifact by using misleading descriptions or keywords, potentially increasing the number of downloads.<br>
-  &ensp;Alternatively, the attacker can create a fake developer account and upload malicious packages or container images using it.<br> 
-  &ensp;The attacker may use a similar username or avatar to legitimate developers to trick users into thinking the account is legitimate.<br> 
-  &ensp;Once the malicious artifact is uploaded, the attacker can promote it using various techniques, such as hijacking popular package names or using misleading descriptions.<br>
-  &ensp;Another approach is to target the infrastructure used by public registries, such as the servers or the communication channels used by developers to upload packages or container images.<br> 
-  &ensp;An attacker may compromise the infrastructure and use it to inject malicious code into legitimate packages or container images as they are being uploaded.
+  An attacker can use accounts in public registries, such as PyPI or DockerHub, to perform a supply chain attack in several ways.
+  One approach is to compromise the credentials of a legitimate developer account and use it to upload malicious packages or container images.
+  The attacker can then promote the malicious artifact by using misleading descriptions or keywords, potentially increasing the number of downloads.
+  Alternatively, the attacker can create a fake developer account and upload malicious packages or container images using it.
+  The attacker may use a similar username or avatar to legitimate developers to trick users into thinking the account is legitimate.
+  Once the malicious artifact is uploaded, the attacker can promote it using various techniques, such as hijacking popular package names or using misleading descriptions.
+  Another approach is to target the infrastructure used by public registries, such as the servers or the communication channels used by developers to upload packages or container images.
+  An attacker may compromise the infrastructure and use it to inject malicious code into legitimate packages or container images as they are being uploaded.
 
 mitigations: 
   - M1500
diff --git a/content/oscar/techniques/T0109 - Publish malicious artifact.yaml b/content/oscar/techniques/T0109 - Publish malicious artifact.yaml
index db7b685..d311b60 100644
--- a/content/oscar/techniques/T0109 - Publish malicious artifact.yaml	
+++ b/content/oscar/techniques/T0109 - Publish malicious artifact.yaml	
@@ -10,13 +10,13 @@ realm:
 summary: Publish malicious artifact
 
 description: |
-  &ensp;Public registries are widely used by developers and organizations to download and distribute software packages and container images, making them an attractive target for attackers.<br>
-  &ensp;In this type of attack, the attacker creates a package or container image that contains malicious code or files, such as a backdoor or other malware.<br> 
-  &ensp;The attacker then uploads the package or image to PyPI, DockerHub or other registry, posing as a legitimate user or creating a fake account.<br> 
-  &ensp;Once the package or image is uploaded, it becomes available for download by other users who may unsuspectingly use it in their projects.<br>
-  &ensp;The supply chain attack can have far-reaching consequences as it can affect all systems that rely on the malicious package or image.<br> 
-  &ensp;For example, a Python package that is downloaded from PyPI may be used by multiple applications and libraries, potentially compromising all systems that use it.<br>
-  &ensp;Similarly, a container image with a malicious payload may be used to deploy an application across multiple environments, leading to a widespread compromise.
+  Public registries are widely used by developers and organizations to download and distribute software packages and container images, making them an attractive target for attackers.
+  In this type of attack, the attacker creates a package or container image that contains malicious code or files, such as a backdoor or other malware.
+  The attacker then uploads the package or image to PyPI, DockerHub or other registry, posing as a legitimate user or creating a fake account.
+  Once the package or image is uploaded, it becomes available for download by other users who may unsuspectingly use it in their projects.
+  The supply chain attack can have far-reaching consequences as it can affect all systems that rely on the malicious package or image.
+  For example, a Python package that is downloaded from PyPI may be used by multiple applications and libraries, potentially compromising all systems that use it.
+  Similarly, a container image with a malicious payload may be used to deploy an application across multiple environments, leading to a widespread compromise.
 
 mitigations: 
   - M1090
diff --git a/content/oscar/techniques/T0110 - Advertise malicious artifact.yaml b/content/oscar/techniques/T0110 - Advertise malicious artifact.yaml
index eccd8f5..c101c81 100644
--- a/content/oscar/techniques/T0110 - Advertise malicious artifact.yaml	
+++ b/content/oscar/techniques/T0110 - Advertise malicious artifact.yaml	
@@ -10,11 +10,11 @@ realm:
 summary: Advertise malicious artifact
 
 description: |
-  &ensp;An Advertise Malicious Artifact attack is a type of cyber attack in which an attacker distributes a malicious package or container image to a broader audience, typically by advertising it on popular repositories or registries.<br>
-  &ensp;The goal of this attack is to entice users into downloading and using the malicious artifact, thereby compromising their systems.<br>
-  &ensp;In this attack, the attacker may create a fake developer account or use an existing legitimate account to upload the malicious artifact to popular repositories or registries such as PyPI or DockerHub.<br> 
-  &ensp;The attacker may then use various techniques to promote the malicious artifact, such as forum promotion, commenting, using misleading descriptions, tags, or keywords, or by hijacking popular package names.<br>
-  &ensp;Once users download and install the malicious package or container image, it can compromise their systems and potentially cause significant harm, such as stealing sensitive data or taking control of the system.
+  An Advertise Malicious Artifact attack is a type of cyber attack in which an attacker distributes a malicious package or container image to a broader audience, typically by advertising it on popular repositories or registries.
+  The goal of this attack is to entice users into downloading and using the malicious artifact, thereby compromising their systems.
+  In this attack, the attacker may create a fake developer account or use an existing legitimate account to upload the malicious artifact to popular repositories or registries such as PyPI or DockerHub.
+  The attacker may then use various techniques to promote the malicious artifact, such as forum promotion, commenting, using misleading descriptions, tags, or keywords, or by hijacking popular package names.
+  Once users download and install the malicious package or container image, it can compromise their systems and potentially cause significant harm, such as stealing sensitive data or taking control of the system.
 
 mitigations: 
   - M1090