refact of the code

.dockerignore

@@ -1,3 +1,3 @@
 README.md
 Dockerfile
-.dockerignore
+.dockerignore

README.md

@@ -1,28 +1,47 @@
-# CVWA - Gladius Blog
+<p align="center">
+  <h3 align="center"><b>CVWA</b></h3>
+  <p align="center">Conviso Vulnerable Web Application</p>
+  <p align="center">
+    <a href="https://github.com/convisolabs/CVWA/master/LICENSE.md">
+      <img src="https://img.shields.io/badge/license-MIT-blue.svg">
+    </a>
+    <a href="https://github.com/convisolabs/CVWA/releases">
+      <img src="https://img.shields.io/badge/version-0.0.1-blue.svg">
+    </a>
+  </p>
+</p>
 
-### Descrição
+---
+
+### Description
 
 Essa aplicação simula um Blog onde um usuário pode pesquisar e acessar publicações do seu interesse. Os vetores de ataques são muitos, identicos a um ambiente real.
 
 ---
 
-### Montando o ambiente
+### How to deploy on local machines
 
 ```bash
-$ docker build -t second-level .
-$ docker container run -ti -p 80:80 second-level
+$ git clone https://github.com/convisolabs/CVWA
+$ cd CVWA
+$ docker build -t cvwa .
+$ docker container run -ti -p 8080:8080 cvwa
 ```
 
-### To do
-
-- Incluir uma etapa de LPE
-
 ---
 
-### PTaaS Challenge
+### Challenge
 
 O objetivo desse desafio é que o candidato analise e encontre falhas no ambiente preparado para o teste, o qual consiste em uma aplicação web com algumas vulnerabilidades e falsos positivos, com o intuito de validar principalmente a capacidade analítica do candidato, além de alguns conhecimentos técnicos. Ao fim da análise, deverá ser enviado um relatório descrevendo todo o fluxo das explorações feitas, preferencialmente aliado a um bom detalhamento de todo o processo para que tenhamos visibilidade dos conhecimentos gerais do candidato em questão.
 
-Prazo: 7 dias
+---
+
+### Contribution
+
+- Your contributions and suggestions are heartily ♥ welcome. [See here the contribution guidelines.](/.github/CONTRIBUTING.md) Please, report bugs via [issues page](https://github.com/convisolabs/CVWA/issues) and for security issues, see here the [security policy.](/SECURITY.md) (✿ ◕‿◕)
 
 ---
+
+### License
+
+- This work is licensed under [MIT License.](/LICENSE.md)

appspec.yml

@@ -1,4 +1,4 @@
-version: 0.0
+version: 0.0.1
 os: linux
 files:
  - source: .
@@ -9,5 +9,5 @@ hooks:
       timeout: 300
       runas: root
   ApplicationStart:
-    - location: scripts/grupo-html.sh
+    - location: scripts/group-html.sh
       timeout: 300

css/style.css → assets/css/style.css

@@ -9,89 +9,86 @@ body {
 	background: #e6e6e6;
 }
 
-#header{
+#header {
 	background-color: #FFA400;
 	padding: px;
 	text-align: center;
-
 }
 
-#logo, #menu{
+#logo, #menu {
 	padding: 10px;
 }
 
-#area{
+#area {
 	width: 920px;
 	margin: 0 auto;
 	padding: 15px;
 
 }
 
-#posts-area{
+#posts-area {
 	width: 660px;
 	float: left;
 }
 
-#side-area{
+#side-area {
 	width: 240px;
 	float: right;
 }
 
 
-.posts{
+.posts {
 	padding: 20px;
 	margin-bottom: 20px;
 	background: white;
 }
 
-#baseboard{
+#baseboard {
 	clear: both;
 	text-align: center;
 	padding: 15px;
 	background: #CCC;
 }
 
-#header a:link, #header a:visited{
+#header a:link, #header a:visited {
 	color: #FFF;
 	padding: 8px 12px;
 }
 
-#header a:hover{
+#header a:hover {
 	color: #FFF;
 	background: #383b74;
 }
 
-a:link, a:visited{
+a:link, a:visited {
 	color: #383b74
 }
 
-a:hover{
+a:hover {
 	text-decoration: none;
 	font-weight: bold;
 }	
 
-a{
+a {
 	text-decoration: none;
 }
 
-
-h1{
+h1 {
 	color: #383b74;
 	font-size: 3.5em;
 	font-family: monospace;
 }
 
-h2{
+h2 {
 	color: #FFA400;
 }
 
-h3{
+h3 {
 	color: #565656;
 	background: #CCC;
 	padding: 5px;
 }
 
-
 .white{
 	color: white;
 }
@@ -122,7 +119,6 @@ h3{
 	border-bottom: 1px groove #CCC;
 }
 
-/* Style the search field */
 form.example input[type=text] {
   padding: 10px;
   font-size: 17px;
@@ -132,7 +128,6 @@ form.example input[type=text] {
   background: #f1f1f1;
 }
 
-/* Style the submit button */
 form.example button {
   float: left;
   width: 20%;
@@ -141,15 +136,14 @@ form.example button {
   color: white;
   font-size: 17px;
   border: 1px solid grey;
-  border-left: none; /* Prevent double borders */
+  border-left: none;
   cursor: pointer;
 }
 
 form.example button:hover {
   background: #383b74;
 }
 
-/* Clear floats */
 form.example::after {
   content: "";
   clear: both;

includes/content.html

@@ -0,0 +1,20 @@
+<div id="posts-area">
+    <div class="posts">
+        <h2>Exploiting XSS Attacks</h2>
+        <span class="post-date">Published on 19 Mar 2021</span>
+        <img width="620px" src="../assets/images/js.png">
+        <p>
+            Vivamus libero sapien, ultrices pellentesque euismod et, ultricies a nunc. Curabitur ut ullamcorper orci. Etiam quis odio mauris. Curabitur a interdum ligula. Fusce nec rhoncus ex. Donec posuere mollis mi ac porttitor. Nam sit amet molestie lorem. Sed iaculis nunc ligula, faucibus tincidunt odio egestas eu. 
+        </p>
+        <a href=/site/index.php">Keep Reading</a>
+    </div>
+    <div class="posts">
+        <h2>#whoami</h2>
+        <span class="post-date">Published on 18 Mar 2021</span>
+        <img width="620px" src="../assets/images/gladius-with-background.jpg">
+        <p>
+            Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur dignissim bibendum odio, eget rutrum leo volutpat nec. Duis commodo justo vel lectus aliquam, id vehicula erat laoreet. Sed eu libero quam. Duis nec iaculis lorem. Sed suscipit et mi eget varius. Sed a convallis dui.
+        </p>
+        <a href="/site/about.php">Keep Reading</a>
+    </div>
+</div>

includes/footer.html

@@ -0,0 +1,5 @@
+<footer>
+    <div id="baseboard">
+        <b>All rights reserved</b>
+    </div>
+</footer>

includes/head.html

@@ -0,0 +1,7 @@
+<head>
+    <title>Gladius InfoSec Blog</title>
+    <meta charset="utf-8">
+    <link rel="stylesheet" type="text/css" href="../assets/css/style.css">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
+    <link rel="icon" type="image/png" href="../assets/images/favicon.png"/>
+</head>

includes/header.html

@@ -0,0 +1,14 @@
+<header>
+    <div id="header">
+        <div id="logo">
+            <h1>Gladius<span class="white"> InfoSec Blog<span> <h1>
+        </div>
+        <div id="menu">
+            <a href="render.php?page=site/index"><b>Home</b></a>
+            <a href="render.php?page=site/404"><b>News</b></a>
+            <a href="render.php?page=site/404"><b>Tutorials</b></a>
+            <a href="render.php?page=site/about"><b>About</b></a>
+        </div>
+    </div>
+    <img class="absolute" src="../assets/images/gladius-transparent.png"> 
+</header>

includes/search.html

@@ -0,0 +1,7 @@
+<div class="side-content">	
+    <form class="example" action="index.php">
+        <input type="text" placeholder="Search.." name="search">
+        <button type="submit"><i class="fa fa-search"></i></button>
+    </form>
+    <br>
+</div>

includes/side-content.html

@@ -0,0 +1,21 @@
+<div class="side-content">
+    <h3>Recent Posts</h3>
+    <div class="side-posts">
+        <p>Exploiting XSS Attacks</p>
+        <a href="index.php">Read More</a>
+    </div>
+    <div class="side-posts" style="border-bottom: none;">
+        <p>#whoami</p>
+        <a href="/about.php">Read More</a>
+    </div>
+</div>
+
+<div class="side-content">
+    <h3>Categories</h3>
+    <a href="?category=webhacking">Web Hacking</a><br>
+    <a href="?category=mobilehacking">Mobile Hacking</a><br>
+    <a href="?category=osint">OSINT</a><br>
+    <a href="?category=tools">Tools</a><br>
+    <a href="?category=privesc">PrivEsc</a>
+    </div>
+</div>