public
/
website
5
0
Fork 0
Code Issues 6 Pull Requests 3 Packages Projects Releases Wiki Activity

fix: spelling errors

This commit is contained in:
Anton Livaja 2025-05-02 11:58:12 -07:00
parent 358dccf107
commit 79965662ca
Signed by: anton
GPG Key ID: 44A86CFF1FDF0E85
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
_layouts/threatmodel.html
View File

@ -42,7 +42,7 @@
<h3 id="level-2">Level 2</h3>
<p>Defense against insiders.</p>
<h5>Adversary</h5>
<p>We assume the adversary is an individual or system that already has some level of privilige or trust inside the organization. This could be anything from a disgruntled employee to a compromised work station or server.</p>
<p>We assume the adversary is an individual or system that already has some level of privilege or trust inside the organization. This could be anything from a disgruntled employee to a compromised work station or server.</p>
<h5>Capabilities</h5>
<ul>
<li>Can execute any code on at least one work station.</li>
@ -52,7 +52,7 @@
<li>Unencrypted traffic interception.</li>
<li>Injection of malicious code into development pipelines.</li>
<li>Physical access to all devices in the office.</li>
<li>Ability to impersonate unsigned actions of other empyoyees</li>
<li>Ability to impersonate unsigned actions of other employees</li>
</ul>
</div>
</section>
@ -63,12 +63,12 @@
<p>Defense against well-funded organizations.</p>
<h5>Adversary</h5>
<p>An organized, well-funded group possessing diverse expertise across multiple domains (malware, supply chain, network exploitation, physical access, insider recruitment). Capable of sustained campaigns combining internal and external compromise.</p>
<h5>Capabilies</h5>
<h5>Capabilities</h5>
<ul>
<li>Deployment of agents willing to commit physical violence.</li>
<li>Compromised third party insiders (GitHub, AWS etc.)</li>
<li>Ability to do extensive reconnoisance on all personnell.</li>
<li>Access to large botnets or server farms.</li>
<li>Ability to do extensive reconnaissance on all personnel.</li>
<li>Access to large bot-nets or server farms.</li>
<li>Ability to purchase 0-day exploits for any internet connected device.</li>
<li>Coordinated, multi-stage attacks across digital and physical realms.</li>
</ul>