Normalize page header for GraphQL, Deserialization, SCM

Insecure Source Code Management/README.md

@@ -1,15 +1,17 @@
 # Insecure Source Code Management
 
-Insecure Source Code Management (SCM) can lead to several critical vulnerabilities in web applications and services. Developers often rely on SCM systems like Git and Subversion (SVN) to manage their source code versions. However, poor security practices, such as leaving .git and .svn folders in production environments exposed to the internet, can pose significant risks. 
+> Insecure Source Code Management (SCM) can lead to several critical vulnerabilities in web applications and services. Developers often rely on SCM systems like Git and Subversion (SVN) to manage their source code versions. However, poor security practices, such as leaving .git and .svn folders in production environments exposed to the internet, can pose significant risks. 
 
 
 ## Summary
 
+* [Methodology](#methodology)
 * [Bazaar](./Bazaar.md)
 * [Git](./Git.md)
 * [Mercurial](./Mercurial.md)
 * [Subversion](./Subversion.md)
-* [Methodology](#methodology)
+* [Labs](#labs)
+* [References](#references)
 
 
 ## Methodology
@@ -26,6 +28,7 @@ The first step is to gather information about the target application. This can b
 * **Manual Inspection** : Check URLs manually by navigating to common SCM paths.
     * http://target.com/.git/
     * http://target.com/.svn/
+
 * **Automated Tools** : Refer to the page related to the specific technology.
 
 Once a potential SCM folder is identified, check the HTTP response codes and contents. You might need to bypass `.htaccess` or Reverse Proxy rules.
@@ -40,6 +43,10 @@ location /.git {
 
 For example in Git, the exploitation technique doesn't require to list the content of the `.git` folder (http://target.com/.git/), the data extraction can still be conducted when files can be read.
 
+## Labs
+
+* [Root Me - Insecure Code Management](https://www.root-me.org/fr/Challenges/Web-Serveur/Insecure-Code-Management)
+
 
 ## References