quality review

Aif4thah · Nov 5, 2024 · 6076b44 · 6076b44
1 parent 62dce52
commit 6076b44
Show file tree

Hide file tree

Showing 4 changed files with 42 additions and 31 deletions.
diff --git a/Dojo-101-Apprentissage/20-MESP-Baseline-Windows.md b/Dojo-101-Apprentissage/20-MESP-Baseline-Windows.md
@@ -8,9 +8,9 @@ Ce contenu est publié sous licence "GNU GENERAL PUBLIC LICENSE Version 3" et le
 
 ## Ressources
 
+* [Windows Security Baselines](https://learn.microsoft.com/fr-fr/windows/security/operating-system-security/device-management/windows-security-configuration-framework/windows-security-baselines)
 * [MSCT](https://learn.microsoft.com/fr-fr/windows/security/operating-system-security/device-management/windows-security-configuration-framework/security-compliance-toolkit-10)
 * [auditpol](https://learn.microsoft.com/fr-fr/windows-server/administration/windows-commands/auditpol)
-* [MS Security Blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/bg-p/Microsoft-Security-Baselines)
 * [Gestes professionnels](https://github.com/Aif4thah/Dojo-101)
 
 ## Contexte

diff --git a/Dojo-101-Apprentissage/95-Analyse-Forensics → ...101-Apprentissage/95-Analyse-Forensics.md b/Dojo-101-Apprentissage/95-Analyse-Forensics → ...101-Apprentissage/95-Analyse-Forensics.md
diff --git a/Dojo-101-DevSec/Python-basics.md b/Dojo-101-DevSec/Python-basics.md
@@ -246,7 +246,7 @@ response = requests.get(url, headers=headers, verify=False)
 
 # Vérification des conditions de correspondance
 if response.status_code == 200 and ("success" in response.text or "16-bit" in response.text):
-    print("Condition matched: success or 16-bit found and status is 200")
+    print("Condition matched and status is 200")
 else:
     print(f"Received status code: {response.status_code} with no matching content")
 ```
@@ -352,4 +352,7 @@ if __name__ == "__main__":
 ```python
 import threading
 threading.Thread( target = <fonction>, args = [ <argument> ] ).start()
-```
+```
+
+## Fuzzing exemple
+
diff --git a/quality/src/main.rs b/quality/src/main.rs
@@ -14,14 +14,14 @@ fn main() {
     let parent_dir = get_parent_directory();
     println!("\n[*] Dojo 101 path: {:?}", parent_dir);
 
-    let (files, non_markdown_files) = get_files(&parent_dir);
-    println!("\n[*] Dojo-101 content files : {}", files.len());
+    let (mardkown_files, non_markdown_files) = get_files(&parent_dir);
+    println!("\n[*] Dojo-101 content files : {}", mardkown_files.len());
     println!("\n[*] Non-markdown files: {:?}", non_markdown_files);
 
     println!("\n[*] check subdirectories...");
     check_subdirectories(&parent_dir);
 
-    let urls = extract_urls(&files);
+    let urls = extract_urls(&mardkown_files);
     println!("\n[*] Number of unique URLs in markdown files: {}", urls.len());
     println!("\n[*] check urls...");
     check_urls(&urls);
@@ -31,38 +31,48 @@ fn main() {
 
 fn get_parent_directory() -> std::path::PathBuf {
     let current_dir = std::env::current_dir().unwrap();
+
     current_dir.parent().unwrap().to_path_buf()
 }
 
 fn get_files(parent_dir: &std::path::Path) -> (Vec<std::path::PathBuf>, Vec<std::path::PathBuf>) {
-    let mut files = vec![];
+    /*
+    récupère les fichiers qui proposent du contenu
+    et identifie les fichiers qui ne sont pas au format markdwon
+    */
+    let mut mardkown_files = vec![];
     let mut non_markdown_files = vec![];
-
     for entry in WalkDir::new(parent_dir).min_depth(1).max_depth(3) {
         let entry = entry.unwrap();
         let path = entry.path();
 
-        if is_dojo101_file(path) {
-            files.push(path.to_path_buf());
-            if path.extension().unwrap_or_default() != "md" {
-                non_markdown_files.push(path.to_path_buf());
-            }
+        if is_dojo101_content(path) {          
+            if path.extension().unwrap_or_default() == "md" { mardkown_files.push(path.to_path_buf());}
+            else{ non_markdown_files.push(path.to_path_buf()); }
         }
     }
-    (files, non_markdown_files)
+
+    (mardkown_files, non_markdown_files)
 }
 
-fn is_dojo101_file(path: &std::path::Path) -> bool {
+fn is_dojo101_content(path: &std::path::Path) -> bool {
+    /*
+    exclusion des fichiers issus des dossiers qui ne contiennent pas du contenu markdown
+    */
     for ancestor in path.ancestors() {
         let dir_name = ancestor.file_name().unwrap_or_default().to_str().unwrap();
         if dir_name == "quality" || dir_name == "images" || dir_name.starts_with('.') {
             return false;
         }
     }
+
     path.is_file()
 }
 
 fn check_subdirectories(parent_dir: &std::path::Path) {
+    /*
+    Limite la présence de sous-dossiers dans les sous-dossiers
+    */
     for entry in WalkDir::new(parent_dir).min_depth(1).max_depth(1) {
         let entry = entry.unwrap();
         let path = entry.path();
@@ -80,41 +90,39 @@ fn check_subdirectories(parent_dir: &std::path::Path) {
 }
 
 fn extract_urls(files: &[std::path::PathBuf]) -> HashSet<String> {
+    /*
+    Extraction des URLs dans les fichiers md
+    */
     let url_regex = Regex::new(r"\[([^\]]+)\]\((https?://[^\s\)]+)\)").unwrap();
     let mut urls = HashSet::new();
-
     for path in files.iter().filter(|p| p.extension().unwrap_or_default() == "md") {
         let content = fs::read_to_string(path).unwrap();
         for cap in url_regex.captures_iter(&content) {
             urls.insert(cap[2].to_string());
         }
     }
+
     urls
 }
 
 fn check_urls(urls: &HashSet<String>) {
+    /*
+    Vérifie la validité des URLs
+    */
     let client = Client::new();
-    let headers = build_headers();
-
+    let mut headers = HeaderMap::new();
+    headers.insert(USER_AGENT, HeaderValue::from_static("Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0"));
+    headers.insert(ACCEPT, HeaderValue::from_static("text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8"));
+    headers.insert(ACCEPT_LANGUAGE, HeaderValue::from_static("fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3"));
+    headers.insert(ACCEPT_ENCODING, HeaderValue::from_static("gzip, deflate, br, zstd"));
     for url in urls {
         match client.get(url).headers(headers.clone()).send() {
             Ok(response) => {
-                if !response.status().is_success() {
-                    println!("\n[!] URL is not valid: {} (status: {})", url, response.status());
-                }
+                if !response.status().is_success() { println!("\n[!] URL is not valid: {} (status: {})", url, response.status()); }
             }
             Err(err) => {
                 println!("\n[!] Failed to check URL: {} (error: {})", url, err);
             }
         }
     }
-}
-
-fn build_headers() -> HeaderMap {
-    let mut headers = HeaderMap::new();
-    headers.insert(USER_AGENT, HeaderValue::from_static("Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:130.0) Gecko/20100101 Firefox/130.0"));
-    headers.insert(ACCEPT, HeaderValue::from_static("text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8"));
-    headers.insert(ACCEPT_LANGUAGE, HeaderValue::from_static("fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3"));
-    headers.insert(ACCEPT_ENCODING, HeaderValue::from_static("gzip, deflate, br, zstd"));
-    headers
-}
+}