Make readme more inviting

README.md

@@ -9,11 +9,14 @@
 [![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/7024/badge)](https://bestpractices.coreinfrastructure.org/projects/7024)
 [![Discussions](https://img.shields.io/github/discussions/OWASP/wrongsecrets)](https://github.com/OWASP/wrongsecrets/discussions)
 
-Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your
-secrets. These can help you to realize whether your secret management is ok. The challenge is to find all the different
-secrets by means of various tools and techniques.
+Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to _not_ store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques. Solving these challenges will help you recognize common mistakes & can help you to reflect on your own secrets management strategy.
+
+Can you solve all the 29 challenges?
+
+Try some of them on [our Heroku demo environment](https://wrongsecrets.herokuapp.com/).
+
+Want to play the other challenges? Read the instructions on how to set them up below.
 
-Can you solve all the 28 challenges?
 ![screenshotOfChallenge1](/images/screenshot.png)
 
 <a href="https://github.com/vshymanskyy/StandWithUkraine/blob/main/README.md"><img src="https://raw.githubusercontent.com/vshymanskyy/StandWithUkraine/main/banner2-no-action.svg" /></a>

src/main/resources/explanations/challenge0.adoc

@@ -4,11 +4,19 @@ Welcome to OWASP WrongSecrets its opening challenge!
 
 In this challenge, we explain you everything you need to know to play OWASP WrongSecrets.
 
-Every challenge is about finding a secret that has not been well hidden and/or configured inside our application code, Docker container, or in one of the related parts of the system.
+Every challenge is about finding a secret that has not been well hidden and/or configured inside our https://github.com/OWASP/wrongsecrets[application code], https://hub.docker.com/r/jeroenwillemsen/wrongsecrets[Docker container], or in one of the related parts of the https://github.com/OWASP/wrongsecrets#table-of-contents[system].
 
 Once you found the secret, you can put it in the box below and press "Submit". The "Clear" button will clean the input box.
 Want to play the challenge again? Press the "Reset button".
 
 The correct answer below is `The first answer` . Copy it in the box and press "Submit".
 
 Have a lot of fun with the more difficult challenges ;-).
+
+Note: some of the challenges ahead will require you to use additional tools to get to the solution. For this you need a computer with all the tools installed. Don't want to install them yourself? You can use a container to have them all available to you at once by using
+
+[source, shell]
+docker run -p 3000:3000 -v /var/run/docker.sock:/var/run/docker.sock jeroenwillemsen/wrongsecrets-desktop:latest
+
+
+Then, in your browser go to http://localhost:3000[http://localhost:3000] to find a webtop waiting for you with all the tools required.