Spell check data targeting - aligning uppercase to rest of table (#13)

* typo fixed

* Align Uppercase to rest of descriptions in table

* proposal for punctuation

* no proper noun - aligning to rest of page

* aligning uppercase to rest of table

Co-authored-by: Jacob Reynolds <[email protected]>

Author: secf00tprint

_data/injectionDescriptions.yml

@@ -6,9 +6,9 @@ blindBased: Blind SQL injection is one of the more advanced methods of injection
 conditionalStatements: Conditional statements are beneficial for creating complex queries and aiding in Blind Injection.
 injectionPlacement: SQL injection is always a hassle when it isn't apparent where the injection is taking place. It is helpful to have a few ways to exploit injections in various parts of the query.
 injectionObfuscation: Obfuscating queries aids in bypassing Web Application Firewalls (WAFs) and Intrusion Detection/Prevention Systems (IDS/IPS). Below are examples of basic query obfuscations, they may require modification before being applied to certain injections.
-dataExfiltration: Exfiltrating data allows easier data analysis, as well as an offline copy of any compromised data.  Data can be exfiltrated through files, various Layer 4 requests, and hidden techniques.
+dataExfiltration: Exfiltrating data allows easier data analysis, as well as an offline copy of any compromised data.  Data can be exfiltrated through files, various layer 4 requests, and hidden techniques.
 dataTargeting: Being able to properly target and identify sensitive information can exponentially decrease time spent in a database. This means less time spent poking around and more time spent researching other vectors.
-executingOSCommands: Running OS commands is one of the primary objectives of SQL injection, this aids in getting full control of the host OS. This may happen by directly executing commands, modifying existing data to put a shell on a webpage, or exploiting hidden functionality in the database.
+executingOSCommands: Running OS commands is one of the primary objectives of SQL injection - this aids in getting full control of the host OS. This may happen by directly executing commands, modifying existing data to put a shell on a webpage, or exploiting hidden functionality in the database.
 informationGathering: It is often valuable to gather information about any testing environment; version numbers, user accounts, and databases all help in escalating vulnerabilities. Below are common methods for this.
 lateralMovement: Lateral movement allows a tester to gain access to different sets of functionality/data that don't explicitly require a more privileged user. Switching user accounts laterally will expose different information and could aid in compromising a more privileged user.
 privilegeEscalation: Certain functionalities require a privileged user and for escalating a vulnerability a privileged user is always the first step.

attackQueries/dataTargeting/oracle.html

@@ -21,7 +21,7 @@ <h3 id="data-targeting-queries">Data Targeting queries</h3>
       <td>SELECT * FROM session_privs<br>SELECT * FROM USER_SYS_PRIVS<br>SELECT * FROM USER_TAB_PRIVS<br>SELECT * FROM USER_TAB_PRIVS_MADE<br>SELECT * FROM USER_TAB_PRIVS_RECD<br>SELECT * FROM ALL_TAB_PRIVS<br>SELECT * FROM USER_ROLE_PRIVS<br></td>
     </tr>
     <tr>
-      <td>Extracting stored procedure/Java sources</td>
+      <td>Extracting Stored Procedure/Java Sources</td>
       <td>SELECT * FROM all_source WHERE owner NOT IN ('SYS','SYSTEM')<br>SELECT * FROM all_source WHERE TYPE LIKE '%JAVA %'<br>SELECT TO_CHAR(DBMS_METADATA.get_ddl('TABLE','DEPT','CONSUELA')) FROM dual</td>
     </tr>
   </tbody>

attackQueries/executingOSCommands/index.html

@@ -1,6 +1,6 @@
 ---
 layout: tab
-description: Running OS commands is one of the primary objectives of SQL injection, this aids in getting full control of the host OS.
+description: Running OS commands is one of the primary objectives of SQL injection - this aids in getting full control of the host OS.
 keywords: os command, operating system command, command injection
 title: OS Commands | NetSPI SQL Injection Wiki 
 tabs: