From 79965662ca9c649e9a07cd41834cc1e084a9d095 Mon Sep 17 00:00:00 2001
From: Anton Livaja <anton@livaja.me>
Date: Fri, 2 May 2025 11:58:12 -0700
Subject: [PATCH] fix: spelling errors

---
 _layouts/threatmodel.html | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/_layouts/threatmodel.html b/_layouts/threatmodel.html
index e4d901b..e3659d3 100644
--- a/_layouts/threatmodel.html
+++ b/_layouts/threatmodel.html
@@ -42,7 +42,7 @@
 						<h3 id="level-2">Level 2</h3>
 						<p>Defense against insiders.</p>
 						<h5>Adversary</h5>
-						<p>We assume the adversary is an individual or system that already has some level of privilige or trust inside the organization. This could be anything from a disgruntled employee to a compromised work station or server.</p>
+						<p>We assume the adversary is an individual or system that already has some level of privilege or trust inside the organization. This could be anything from a disgruntled employee to a compromised work station or server.</p>
 						<h5>Capabilities</h5>
 						<ul>
 							<li>Can execute any code on at least one work station.</li>
@@ -52,7 +52,7 @@
 							<li>Unencrypted traffic interception.</li>
 							<li>Injection of malicious code into development pipelines.</li>
 							<li>Physical access to all devices in the office.</li>
-							<li>Ability to impersonate unsigned actions of other empyoyees</li>
+							<li>Ability to impersonate unsigned actions of other employees</li>
 						</ul>
 					</div>
 				</section>
@@ -63,12 +63,12 @@
 						<p>Defense against well-funded organizations.</p>
 						<h5>Adversary</h5>
 						<p>An organized, well-funded group possessing diverse expertise across multiple domains (malware, supply chain, network exploitation, physical access, insider recruitment). Capable of sustained campaigns combining internal and external compromise.</p>
-						<h5>Capabilies</h5>
+						<h5>Capabilities</h5>
 						<ul>
 							<li>Deployment of agents willing to commit physical violence.</li>
 							<li>Compromised third party insiders (GitHub, AWS etc.)</li>
-							<li>Ability to do extensive reconnoisance on all personnell.</li>
-							<li>Access to large botnets or server farms.</li>
+							<li>Ability to do extensive reconnaissance on all personnel.</li>
+							<li>Access to large bot-nets or server farms.</li>
 							<li>Ability to purchase 0-day exploits for any internet connected device.</li>
 							<li>Coordinated, multi-stage attacks across digital and physical realms.</li>
 						</ul>