Commit

#1398: added final missing pagebreaks
commjoen committed Aug 4, 2019
1 parent d9ea4f1 commit c985a1e
Showing 7 changed files with 22 additions and 3 deletions.
2 changes: 1 addition & 1 deletion .markdownlint.json
Expand Up @@ -2,6 +2,6 @@
"MD013": false,
"MD014": false,
"MD024": false,
"MD033": {"allowed_elements": ["img", "br"]},
"MD033": {"allowed_elements": ["img", "br", "div"]},
"MD041": false
}
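Review bot: Adding "div" to the MD033 allowed_elements list relaxes the inline-HTML lint for every Markdown file in the repository, yet only Document/0x03-Overview.md in this commit actually uses a `<div>`. If the div is the intended page-break mechanism, convert the `<br/>` pairs added in the other files to it in the same change so the wider allow-list is justified; otherwise keep the list at ["img", "br"] so stray `<div>` markup keeps being flagged.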
4 changes: 2 additions & 2 deletions Document/0x03-Overview.md
Expand Up @@ -22,8 +22,8 @@ Fragmentation is a problem we deal with especially on Android devices. Not every

Mobile devices regularly connect to a variety of networks, including public WiFi networks shared with other (potentially malicious) clients. This creates opportunities for a wide variety of network-based attacks ranging from simple to complicated and old to new. It's crucial to maintain the confidentiality and integrity of information exchanged between the mobile app and remote service endpoints. As a basic requirement, mobile apps must set up a secure, encrypted channel for network communication using the TLS protocol with appropriate settings.

<br/>
<br/>
<div style="page-break-after: always;">
</div>

#### Authentication and Authorization
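Review bot: The `<div style="page-break-after: always;">` that replaces the two `<br/>` lines before "#### Authentication and Authorization" only works where the renderer honors inline CSS, and nothing in the change says which output format it is meant for. Document the target output next to the lint change or in the contribution notes, because a renderer that strips `style` attributes will show an empty div here and lose even the spacing the `<br/>` lines gave.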

3 changes: 3 additions & 0 deletions Document/0x04c-Tampering-and-Reverse-Engineering.md
Expand Up @@ -135,6 +135,9 @@ The [Valgrind README](http://valgrind.org/docs/manual/dist.readme-android.html "

Running an app in the emulator gives you powerful ways to monitor and manipulate its environment. For some reverse engineering tasks, especially those that require low-level instruction tracing, emulation is the best (or only) choice. Unfortunately, this type of analysis is only viable for Android, because no emulator exists for iOS (the iOS simulator is not an emulator, and apps compiled for an iOS device don't run on it). We'll provide an overview of popular emulation-based analysis frameworks for Android in the "Tampering and Reverse Engineering on Android" chapter.

<br/>
<br/>

#### Custom Tooling with Reverse Engineering Frameworks

Even though most professional GUI-based disassemblers feature scripting facilities and extensibility, they are simply not well-suited to solving particular problems. Reverse engineering frameworks allow you to perform and automate any kind of reversing task without depending on a heavy-weight GUI. Notably, most reversing frameworks are open source and/or available for free. Popular frameworks with support for mobile architectures include [Radare2](https://github.com/radare/radare2 "radare2") and [Angr](https://github.com/angr/angr "Angr").
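Review bot: The two `<br/>` lines added before "#### Custom Tooling with Reverse Engineering Frameworks" insert vertical space, not a page break, so the heading starts a new page only for the current length of the text above it. The commit message describes page breaks and 0x03-Overview.md uses `<div style="page-break-after: always;">` for that; use the same element here so the break survives later edits to the emulation paragraph.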
6 changes: 6 additions & 0 deletions Document/0x04f-Testing-Network-Communication.md
Expand Up @@ -145,6 +145,9 @@ When testing a Xamarin app and when you are trying to set the system proxy in th

The interception proxy need to listen to the port specified in the port forwarding rule above, which is 8080.

<br/>
<br/>

##### CA Certificates

If not already done, install the CA certificates in your mobile device which will allow us to intercept HTTPS requests:
Expand Down Expand Up @@ -360,6 +363,9 @@ Identify all of the tested application's critical operations (e.g., user enrollm
- <https://motherboard.vice.com/en_us/article/vbqax3/hackers-sim-swapping-steal-phone-numbers-instagram-bitcoin>
- How to protect yourself against a SIM swap attack - <https://www.wired.com/story/sim-swap-attack-defend-phone/>

<br/>
<br/>

#### IETF

- RFC 6176 - <https://tools.ietf.org/html/rfc6176>
4 changes: 4 additions & 0 deletions Document/0x04g-Testing-Cryptography.md
Expand Up @@ -19,6 +19,10 @@ Encryption algorithms converts plaintext data into cipher text that conceals the

**Key Derivation Functions** (KDFs) derive secret keys from a secret value (such as a password) and are used to turn keys into other formats or to increase their length. KDFs are similar to hashing functions but have other uses as well (for example, they are used as components of multi-party key-agreement protocols). While both hashing functions and KDFs must be difficult to reverse, KDFs have the added requirement that the keys they produce must have a level of randomness.

<br/>
<br/>
<br/>

### Identifying Insecure and/or Deprecated Cryptographic Algorithms (MSTG-CRYPTO-4)

When assessing a mobile app, you should make sure that it does not use cryptographic algorithms and protocols that have significant known weaknesses or are otherwise insufficient for modern security requirements. Algorithms that were considered secure in the past may become insecure over time; therefore, it's important to periodically check current best practices and adjust configurations accordingly.
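Review bot: Three `<br/>` lines are added before "### Identifying Insecure and/or Deprecated Cryptographic Algorithms (MSTG-CRYPTO-4)" while every other file in this commit adds two, which suggests the count was tuned by eye against a single rendering. Replace the hand-counted breaks with the explicit page-break div used in 0x03-Overview.md, or add a short comment explaining why this spot needs a different amount of spacing.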
3 changes: 3 additions & 0 deletions Document/0x05a-Platform-Overview.md
Expand Up @@ -48,6 +48,9 @@ For example, Android Nougat defines the following system users:
...
```

<br/>
<br/>

#### Android Device Encryption

Android supports device encryption from 2.3.4 version and it has undergone some big changes since then. Google imposed that all devices running Android 6 or higher had to support storage encryption. Although some low-end devices were exempt because it would significantly impact performance. In the following sections you can find information about device encryption and its algorithms.
3 changes: 3 additions & 0 deletions Document/0x05b-Basic-Security_Testing.md
Expand Up @@ -151,6 +151,9 @@ Virtually any Android mobile can be rooted. Commercial versions of Android OS (w

To root a mobile device, first unlock its boot loader. The unlocking procedure depends on the device manufacturer. However, for practical reasons, rooting some mobile devices is more popular than rooting others, particularly when it comes to security testing: devices created by Google and manufactured by companies like Samsung, LG, and Motorola are among the most popular, particularly because they are used by many developers. The device warranty is not nullified when the boot loader is unlocked and Google provides many tools to support the root itself. A curated list of guides for rooting all major brand devices is posted on the [XDA forums](https://www.xda-developers.com/root/ "Guide to rooting mobile devices").

<br/>
<br/>

###### Rooting with Magisk

Magisk ("Magic Mask") is one way to root your Android device. It's specialty lies in the way the modifications on the system are performed. While other rooting tools alter the actual data on the system partition, Magisk does not (which is called "systemless"). This enables a way to hide the modifications from root-sensitive applications (e.g. for banking or games) and allows using the official Android OTA upgrades without the need to unroot the device beforehand.
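Review bot: Nit in the context line directly under "###### Rooting with Magisk": "It's specialty" should read "Its specialty". Since this hunk already touches the lines around that heading, the typo can be fixed in the same commit or a small follow-up.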

0 comments on commit c985a1e
