netwrix / pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time
https://www.pingcastle.com

Improve report for certificate abuse #235

Closed ruppde closed 4 months ago

ruppde commented 5 months ago

Fixes the first topic in https://github.com/vletoux/pingcastle/issues/220

vletoux commented 4 months ago

Thanks for submitting the PR.

However, I cannot accept it. First, the score is a careful balance between many other risks. 95% of the PingCastle reports already reach the score of 100, so you cannot say that PingCastle is easy to beat. I have many source frameworks and many practices that require an equilibrium. (I remind you that adjusting the rule is a feature of the paid version.)

Secondly, for the links, I try to incorporate links that bring any value. Adding "hacking tools" has the following consequences: 1) users don't understand the value of the article (yes, if you are an expert you don't need PingCastle); 2) this adds "malicious data" (a link to a hacking tool) and many antivirus / mail gateways will drop the report / program.

I'm open to adjusting the links if you can propose one that helps users to fix the issue.