Documentation fixes

kmcquade · kmcquade · commit f649168e8d04 · 2021-02-14T14:16:11.000-05:00
diff --git a/README.md b/README.md
@@ -19,7 +19,7 @@ Use a one-liner command to backdoor an AWS account's resources with a rogue AWS
 
 ```bash
 # this will ruin your day
-endgame smash --service all --evil-principal "*" --dry-run
+endgame smash --service all --evil-principal "*"
 # This will show you how your day could have been ruined
 endgame smash --service all --evil-principal "*" --dry-run
 # Atone for your sins
@@ -224,7 +224,7 @@ We recommend that AWS take the following measures in response:
 * Increase Access Advisor Support to cover the resources that can be exposed via Resource-based Policy modification, AWS RAM resource sharing, and resource-specific sharing APIs (such as RDS snapshots, EBS snapshots, and EC2 AMIs)
 * Create GuardDuty rules that detect anomalous exposure of resources outside your AWS Organization.
 * Expand the current limit of 5 SCPs per AWS account to 200. (for comparison, the Azure equivalent - Azure Policies - has a limit of [200 Policy or Initiative Assignments per subscription](https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits#azure-policy-limits))
-* Improve the AWS SCP service to support "Audit" mode, which will increase customer adoption and make it easier for customers to both pilot and roll out new guardrails.
+* Improve the AWS SCP service to support an "Audit" mode that would record in CloudTrail whether API calls would have been denied had the SCP not been in audit mode. This would increase customer adoption and make it easier for customers to both pilot and roll out new guardrails. (for comparison, the Azure Equivalent - Azure Policies - already [supports Audit mode](https://docs.microsoft.com/en-us/azure/governance/policy/concepts/effects#audit).
 * Support the usage of `sts:AssumeRole` to prevent calls from outside your AWS Organization, with targeted exceptions.
 
 ## Recommendations to Blue Teams
diff --git a/docs/appendices/permissions-management-actions.md b/docs/appendices/permissions-management-actions.md
diff --git a/docs/appendices/roadmap.md b/docs/appendices/roadmap.md
diff --git a/docs/appendices/user-agent-detection.md b/docs/appendices/user-agent-detection.md
diff --git a/docs/contributing/testing.md b/docs/contributing/testing.md
@@ -36,6 +36,7 @@ make integration-test
 ```
 
 This does the following:
+
 * Sets up your local dev environment (see `setup-dev`) in the `Makefile`
 * Creates the Terraform infrastructure (see `terraform-demo` in the `Makefile`)
 * Runs `list-resources`, `exploit --dry-run`, and `expose` against this live infrastructure
diff --git a/docs/iam-permissions.md b/docs/iam-permissions.md
@@ -2,8 +2,7 @@
 
 The IAM Permissions listed below are used to create these backdoors.
 
-> **NOTE**: You don't need **all** of these permissions to run the tool. You just need enough from each service. So, `s3:ListAllMyBuckets`, `s3:GetBucketPolicy`, and `s3:PutBucketPolicy` are all the permissions needed to leverage this tool to expose S3 buckets.
-
+You don't need **all** of these permissions to run the tool. You just need enough from each service. For example, `s3:ListAllMyBuckets`, `s3:GetBucketPolicy`, and `s3:PutBucketPolicy` are all the permissions needed to leverage this tool to expose S3 buckets.
 
 ```json
 {
diff --git a/docs/index.md b/docs/index.md
@@ -1,4 +1,4 @@
 endgame
 =======
 
-Introduction goes here.
+Introduction from the main README should go here after we iron it out.
diff --git a/docs/risks/sns.md b/docs/risks/sns.md
@@ -1,4 +1,4 @@
-# SNS
+# SNS Topics
 
 * [Steps to Reproduce](#steps-to-reproduce)
 * [Exploitation](#exploitation)
diff --git a/docs/risks/sqs.md b/docs/risks/sqs.md
@@ -1,4 +1,4 @@
-# SQS
+# SQS Queues
 
 * [Steps to Reproduce](#steps-to-reproduce)
 * [Exploitation](#exploitation)
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -40,9 +40,9 @@ nav:
     - RDS Snapshots: 'risks/rds-snapshots.md'
     - S3 Buckets: 'risks/s3.md'
     - Secrets Manager: 'risks/secretsmanager.md'
-    - SES: 'risks/ses.md'
-    - SNS: 'risks/sns.md'
-    - SQS: 'risks/sqs.md'
+    - SES Authorized Senders: 'risks/ses.md'
+    - SNS Topics: 'risks/sns.md'
+    - SQS Queues: 'risks/sqs.md'
 
   - "<b>Contributing</b>":
     - Contributing: 'contributing/contributing.md'
@@ -51,3 +51,6 @@ nav:
   - "<b>Appendices</b>":
     - Terraform Demo Infrastructure: 'appendices/terraform-demo-infrastructure.md'
     - ACM PCA Activation: 'appendices/acm-pca-activation.md'
+    - User-Agent Detection: 'appendices/user-agent-detection.md'
+    - Roadmap: 'appendices/roadmap.md'
+    - FAQ: 'appendices/faq.md'

Original file line number	Diff line number	Diff line change
`@@ -2,8 +2,7 @@`
`2`	`2`
`3`	`3`	`The IAM Permissions listed below are used to create these backdoors.`
`4`	`4`
`5`		-> NOTE: You don't need all of these permissions to run the tool. You just need enough from each service. So, `s3:ListAllMyBuckets`, `s3:GetBucketPolicy`, and `s3:PutBucketPolicy` are all the permissions needed to leverage this tool to expose S3 buckets.
`6`		`-`
	`5`	+You don't need all of these permissions to run the tool. You just need enough from each service. For example, `s3:ListAllMyBuckets`, `s3:GetBucketPolicy`, and `s3:PutBucketPolicy` are all the permissions needed to leverage this tool to expose S3 buckets.
`7`	`6`
`8`	`7`	```json
`9`	`8`	`{`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# SNS`
	`1`	`+# SNS Topics`
`2`	`2`
`3`	`3`	`* [Steps to Reproduce](#steps-to-reproduce)`
`4`	`4`	`* [Exploitation](#exploitation)`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-# SQS`
	`1`	`+# SQS Queues`
`2`	`2`
`3`	`3`	`* [Steps to Reproduce](#steps-to-reproduce)`
`4`	`4`	`* [Exploitation](#exploitation)`