Improve Basic writing and formatting syntax

Document/0x05j-Testing-Resiliency-Against-Reverse-Engineering.md

@@ -18,37 +18,37 @@ Root detection can also be implemented through libraries such as [RootBeer](http
 
 Google has launched the Google Play Integrity API to improve the security and integrity of apps and games on Android starting from Android 4.4 (level 19). The previous official API, [SafetyNet](https://developer.android.com/training/safetynet), did not cover all the security needs that Google wanted for the platform, so Play Integrity was developed with the basic functions of the previous API and integrated additional features. This change aims to protect users against dangerous and fraudulent interactions.
 
-**Google Play Integrity provides the following protections:**
+**Google Play Integrity offers the following safeguards:**
 
-Verification of genuine Android device: verifies that the app is running on a legitimate Android device.  
-User license validation: Indicates whether the user installed or paid for the app or game via the Google Play Store.  
-Unmodified binary verification: determines if the app is interacting with the original binary recognized by Google Play.
+- Verification of genuine Android device: It verifies that the application is running on a legitimate Android device.
+- User license validation: It indicates whether the user installed or purchased the application or game through the Google Play Store.  
+- Unmodified binary verification: It determines whether the application is interacting with the original binary recognized by Google Play.
 
 The API provides four macro categories of information to help the security team make a decision. These categories include:
 
-1.Request Details: In this section, details are obtained about the app package that requested the integrity check, including  its format (my.package.com), a base64-encoded ID provided by the developer to establish a link between the request and the integrity certificate, and the time of the request execution in milliseconds.
+1. **Request Details**: In this section, details are obtained about the app package that requested the integrity check, including  its format (my.package.com), a base64-encoded ID provided by the developer to establish a link between the request and the integrity certificate, and the time of the request execution in milliseconds.
 
-2.App Integrity: This section provides information about the integrity of the app, including the result of the verification (denominated "verdict"), which indicates whether the app's installation source is trusted (via Play Store) or unknown/suspicious. If the installation source is considered secure, the app version will also be displayed.
+2. **App Integrity**: This section provides information about the integrity of the app, including the result of the verification (denominated verdict), which indicates whether the app's installation source is trusted (via Play Store) or unknown/suspicious. If the installation source is considered secure, the app version will also be displayed.
 
-3.Account Details: This category provides information about the app licensing status. The result can be "LICENSED", indicating that the user purchased or installed the app on the Google Play Store; "UNLICENSED", meaning that the user does not own the app or did not acquire it through the Google Play Store; or "UNEVALUATED", which means that the licensing details could not be evaluated because a necessary requirement is missing, that is, the device may not be trustworthy enough or the installed app version is not recognized by the Google Play Store.
+3. **Account Details**: This category provides information about the app licensing status. The result can be `LICENSED`, indicating that the user purchased or installed the app on the Google Play Store; `UNLICENSED`, meaning that the user does not own the app or did not acquire it through the Google Play Store; or `UNEVALUATED`, which means that the licensing details could not be evaluated because a necessary requirement is missing, that is, the device may not be trustworthy enough or the installed app version is not recognized by the Google Play Store.
 
-4.Device Integrity: This section presents information that verifies the authenticity of the Android environment in which the app is running.
+4. **Device Integrity**: This section presents information that verifies the authenticity of the Android environment in which the app is running.
 
-- MEETS_DEVICE_INTEGRITY: Running on Android Device with Google Play Services: The app is running on an Android device with Google Play Services. This device passed system integrity checks and meets the Android compatibility requirements.
-- MEETS_BASIC_INTEGRITY: Running on Device without Google Play Services: The app is running on a device that passed basic system integrity checks. This may occur because the device may be running an unrecognized version of Android, has an unlocked bootloader, or has not been certified by the manufacturer.
-- MEETS_STRONG_INTEGRITY: The app is running on an Android device equipped with Google Play Services technology, ensuring a strong system integrity such as a hardware-protected boot process.
-- MEETS_VIRTUAL_INTEGRITY: Running on Emulator with Google Play Services: In this scenario, the app is running in a simulated environment of an Android device that has Google Play Services. The emulator was checked and approved for system integrity and meets the necessary Android compatibility requirements.
+- `MEETS_DEVICE_INTEGRITY`: Running on Android Device with Google Play Services: The app is running on an Android device with Google Play Services. This device passed system integrity checks and meets the Android compatibility requirements.
+- `MEETS_BASIC_INTEGRITY`: Running on Device without Google Play Services: The app is running on a device that passed basic system integrity checks. This may occur because the device may be running an unrecognized version of Android, has an unlocked bootloader, or has not been certified by the manufacturer.
+- `MEETS_STRONG_INTEGRITY`: The app is running on an Android device equipped with Google Play Services technology, ensuring a strong system integrity such as a hardware-protected boot process.
+- `MEETS_VIRTUAL_INTEGRITY`: Running on Emulator with Google Play Services: In this scenario, the app is running in a simulated environment of an Android device that has Google Play Services. The emulator was checked and approved for system integrity and meets the necessary Android compatibility requirements.
 
 **API Errors:**
 
-The API can return local errors such as "APP_NOT_INSTALLED" and "APP_UID_MISMATCH", which can indicate a fraud attempt or attack. In addition, outdated Google Play Services or Play Store can also cause errors, and it is important to check these situations to ensure proper integrity verification functionality and to ensure the environment is not intentionally set up for an attack. You can find more details on the [official page](https://developer.android.com/google/play/integrity/error-codes).
+The API can return local errors such as `APP_NOT_INSTALLED` and `APP_UID_MISMATCH`, which can indicate a fraud attempt or attack. In addition, outdated Google Play Services or Play Store can also cause errors, and it is important to check these situations to ensure proper integrity verification functionality and to ensure the environment is not intentionally set up for an attack. You can find more details on the [official page](https://developer.android.com/google/play/integrity/error-codes).
 
 **Best practices:**
 
 1. Although Play Integrity provides an additional layer of security for Android applications, it is not a single security solution. It is important to have complementary measures in place, such as input data validation, user authentication and anti-fraud protection.
 2. It is important to avoid querying the Play Protect API too frequently in order to minimize the impact on device resources. Furthermore, it is good practice to use the API only in situations where device integrity verification is truly necessary.
 
-3. By including a "NONCE" in the request, the verification server can ensure that the response matches the original request and has not been tampered with by third parties. It is a random value generated by the app (or server) and sent with the integrity verification request.
+3. By including a `NONCE` in the request, the verification server can ensure that the response matches the original request and has not been tampered with by third parties. It is a random value generated by the app (or server) and sent with the integrity verification request.
 
 **Limitations:**  
 It is important to note that there is a daily limit for the Google Play Services Integrity Verification API requests. By default, up to 10,000 requests are allowed per day, but for applications that require a higher number of requests, it is necessary to contact Google to request an expansion of this limit.
@@ -1446,7 +1446,7 @@ See section "[Dynamic Analysis with an Emulator](#dynamic-analysis-with-an-emula
 
 ### Play Integrity Attestation
 
-- Developer Guideline - <https://developer.android.com/google/play/integrity/overview>
-- Play Integrity API - Verdict - <https://developer.android.com/google/play/integrity/verdict>
-- Play Integrity API - Quota Request - <https://developer.android.com/google/play/integrity/overview?#usage-tiers>
-- Obfuscator-LLVM - <https://github.com/obfuscator-llvm/obfuscator>
+- [Developer Guideline](https://developer.android.com/google/play/integrity/overview "Developer Guideline")
+- [Play Integrity API](https://developer.android.com/google/play/integrity/overview "Play Integrity API Overview")
+- [Play Integrity API](https://developer.android.com/google/play/integrity/overview?#usage-tiers "Quota Request")
+- [Obfuscator-LLVM](https://github.com/obfuscator-llvm/obfuscator "Obfuscator")