Add exploiters' reference pages

[shreyamalviya]

What does this PR do?

Fixes #4211

PR Checklist

• [x] Have you added an explanation of what your changes do and why you'd like to include them?
• [x] Is the TravisCI build passing?
• [ ] ~Was the CHANGELOG.md updated to reflect the changes?~
• [ ] ~Was the documentation framework updated to reflect the changes?~
• [ ] ~Have you checked that you haven't introduced any duplicate code?~

Testing Checklist

• [ ] ~Added relevant unit tests?~
• [ ] ~Do all unit tests pass?~
• [ ] ~Do all end-to-end tests pass?~
• [x] Any other testing performed?

  Tested with Hugo

• [ ] ~If applicable, add screenshots or log transcripts of the feature working~

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 77.07%. Comparing base (3fa4467) to head (5fa7be0). Report is 24 commits behind head on develop.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## develop #4231 +/- ## =========================================== - Coverage 77.08% 77.07% -0.01% =========================================== Files 442 442 Lines 14137 14135 -2 Branches 18 18 =========================================== - Hits 10897 10895 -2 Misses 3240 3240 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[cakekoa]

This is almost exclusively documentation autogenerated from the schema. The only thing I could detect that was added is the Acknowledgements section in a couple of the pages. I think some of the old info is still valuable and valid reference material (e.g. the "Description" and "Services exploited" sections of Log4Shell)

[shreyamalviya]

This is almost exclusively documentation autogenerated from the schema. The only thing I could detect that was added is the Acknowledgements section in a couple of the pages. I think some of the old info is still valuable and valid reference material (e.g. the "Description" and "Services exploited" sections of Log4Shell)

I think we should add all of that under features/.

[mssalvatore]

This is almost exclusively documentation autogenerated from the schema. The only thing I could detect that was added is the Acknowledgements section in a couple of the pages. I think some of the old info is still valuable and valid reference material (e.g. the "Description" and "Services exploited" sections of Log4Shell)

I think we should add all of that under features/.

I generally agree that the description of the features should go under features/, since it is a type of Explanation. However, Diataxis does say, "Although reference should not attempt to show how to perform tasks, it can and often needs to include a description of how something works or the correct way to use it." [emphasis mine] I think the key is that this would be "how" and not "why".

I think it would be good to add a section where we list relevant CVEs for each exploiter that exploits a vulnerability.

For Log4Shell, I think it would be good if we included a list of "exploited services". We don't have to provide any explanation here, that's better left for features. We can also include the list of services in explanation, but I don't think the reference is "complete" without that list.

For PowerShell, I think the exact order that credentials are tried in seems like reference material. Same for RDP.

I think most of the information in the SNMP page could be considered reference; it describes "what" and "how". That's not to say that some of it shouldn't be also explained under features/ in order to "provide context".

[mssalvatore]

I think the supported operating systems would be better displayed as a table. Take a look at the screenshots below and LMK if you disagree.

[shreyamalviya]

I think the supported operating systems would be better displayed as a table. Take a look at the screenshots below and LMK if you disagree.

Looks good but we should specify what kind of limitations.

[mssalvatore]

I think the supported operating systems would be better displayed as a table. Take a look at the screenshots below and LMK if you disagree.

Looks good but we should specify what kind of limitations.

Isn't that accomplished by the last section, "Order of credentials use for brute-forcing"? Should I turn that into a table?

^ The above table is an example only. I can improve/clarify some of the language.

[shreyamalviya]

Isn't that accomplished by the last section, "Order of credentials use for brute-forcing"?

"limitations" could mean anything. If there's a way for us to specify that the only limitation is the kind of credentials used for brute-forcing, I feel we should do that.