wording and headings

Author: evilsocket

src/content/docs/modules/ble.mdx

@@ -7,40 +7,42 @@ sidebar:
 
 import { YouTube } from "astro-embed";
 
-This module is responsible for Bluetooth Low Energy devices discovery, services enumeration and characteristic writing for unauthenticated devices.
+This module handles **Bluetooth Low Energy** (BLE) devices.
+It provides device discovery, services enumeration, and characteristic writing for unauthenticated devices.
 
 :::caution
 This module is not supported on Microsoft Windows and Apple macOS [due to this bug](https://github.com/bettercap/bettercap/issues/74).
 
 :::
 
-### Commands
+## Commands
 
-#### `ble.recon on`
+### `ble.recon on`
 
-Start Bluetooth Low Energy devices discovery.
+Start **BLE device discovery**.
 
-#### `ble.recon off`
+### `ble.recon off`
 
-Stop Bluetooth Low Energy devices discovery.
+Stop **BLE device discovery**.
 
-#### `ble.clear`
+### `ble.clear`
 
-Clear all devices collected by the BLE discovery module.
+Clear all devices collected by the **BLE discovery** module.
 
-#### `ble.show`
+### `ble.show`
 
-Show discovered Bluetooth Low Energy devices.
+Show discovered **BLE devices**.
 
-#### `ble.enum MAC`
+### `ble.enum MAC`
 
-Enumerate services and characteristics for the given BLE device.
+Enumerate **services and characteristics** for the given BLE device.
 
-#### `ble.write MAC UUID HEX_DATA`
+### `ble.write MAC UUID HEX_DATA`
 
-Write the `HEX_DATA` buffer to the BLE device with the specified `MAC` address, to the characteristics with the given `UUID`. |
+Write the `HEX_DATA` buffer to the BLE device with the specified `MAC`.
+Writes to the characteristic with the given `UUID`.
 
-### Parameters
+## Parameters
 
 | Parameter         | Default    | Description                                                                                      |
 | ----------------- | ---------- | ------------------------------------------------------------------------------------------------ |
@@ -51,7 +53,7 @@ Write the `HEX_DATA` buffer to the BLE device with the specified `MAC` address,
 | `ble.timeout`     | `5`        | Connection timeout in seconds.                                                                   |
 | `ble.ttl`         | `30`       | Seconds of inactivity for a device to be pruned.                                                 |
 
-### Examples
+## Examples
 
 Connect, enumerate and read characteristics from the BLE device `04:52:de:ad:be:ef` (requires `ble.recon on` first):
 

src/content/docs/modules/core/api.rest.md

@@ -11,33 +11,38 @@ The default credentials are:
 
 :::
 
-A RESTful API server to orchestrate and interact with the current interactive session, starts on HTTP and unauthenticated by default, can be switched to HTTPS and basic auth by using the proper parameters.
+A **RESTful API server** for orchestrating and interacting with the current interactive session.
+
+By default, it starts on **HTTP** and is **unauthenticated**.
+You can switch to **HTTPS** and enable **basic auth** using the proper parameters.
 
 ## Commands
 
 ### `api.rest on`
 
-Start the REST API server.
+Start the **REST API** server.
 
 ### `api.rest off`
 
-Stop the REST API server.
+Stop the **REST API** server.
 
 ### `api.rest.record FILENAME`
 
-Start polling the rest API periodically recording each sample in a compressed file that can be later replayed.
+Start polling the **REST API** periodically.
+Records each sample in a **compressed file** that can be replayed later.
 
 ### `api.rest.record off`
 
-Stop recording the session.
+Stop **recording** the session.
 
 ### `api.rest.replay FILENAME`
 
-Start the rest API module in replay mode using `FILENAME` as the recorded session file, will revert to normal mode once the replay is over.
+Start the REST API module in **replay mode** using `FILENAME`.
+Reverts to normal mode once the replay is over.
 
 ### `api.rest.replay off`
 
-Stop replaying the recorded session.
+Stop **replaying** the recorded session.
 
 ## Parameters
 
@@ -61,17 +66,18 @@ Stop replaying the recorded session.
 
 ## Routes
 
-Clients can authenticate using HTTP basic authentication, these are the available API routes.
+Clients can authenticate using **HTTP basic authentication**.
+These are the available API routes:
 
 ### `GET /api/file?name=FILENAME`
 
 Get a file on the host
 
 ### `GET /api/events`
 
-{{% notice note %}}
-This route will be available as a websocket endpoint instead of normal HTTP if the `api.rest.websocket` parameter is set to true.
-{{% /notice %}}
+:::note
+This route becomes a **websocket endpoint** instead of normal HTTP if `api.rest.websocket` is set to `true`.
+:::
 
 Return a list of events ( the optional `n` GET parameter will limit the number ):
 

src/content/docs/modules/core/ticker.md

@@ -3,21 +3,22 @@ title: ticker
 description: The ticker module can be used to execute a given set of commands periodically in the interactive session.
 ---
 
-The ticker module can be used to execute a given set of commands periodically in the interactive session.
+The **ticker module** executes a given set of commands periodically in the interactive session.
 
 ## Commands
 
 ### `ticker on`
 
-Start the main ticker.
+Start the **main ticker**.
 
 ### `ticker off`
 
-Stop the main ticker.
+Stop the **main ticker**.
 
 ### `ticker.create NAME PERIOD COMMANDS`
 
-Create and start a named ticker called `NAME` that will execute the given `COMMANDS` every `PERIOD`.
+Create and start a **named ticker** called `NAME`.
+Executes `COMMANDS` every `PERIOD` seconds.
 
 ### `ticker.destroy NAME`
 

src/content/docs/modules/ethernet/net.recon.md

@@ -5,33 +5,36 @@ sidebar:
   order: 2
 ---
 
-This module is responsible for periodically reading the system ARP table in order to detect new hosts on the network.
+This module periodically reads the system **ARP table** to detect new hosts on the network.
 
 ## Commands
 
 ### `net.recon on`
 
-Start network hosts discovery.
+Start **network hosts discovery**.
 
 ### `net.recon off`
 
-Stop network hosts discovery.
+Stop **network hosts discovery**.
 
 ### `net.clear`
 
-Clear all endpoints collected by the hosts discovery module.
+Clear all endpoints collected by the **hosts discovery** module.
 
 ### `net.show`
 
-Show cache hosts list (default sorting by ip).
+Show cached hosts list.
+Default sorting by IP.
 
 ### `net.show ADDRESS1, ADDRESS2`
 
-Show information about a specific list of addresses (by IP or MAC).
+Show information about specific addresses.
+Accepts IP or MAC.
 
 ### `net.show.meta ADDRESS1, ADDRESS2`
 
-Show metadata (mDNS, UPnP, open ports, etc) about a specific list of addresses (by IP or MAC).
+Show metadata about specific addresses.
+Includes mDNS, UPnP, open ports, etc.
 
 ## Parameters
 

src/content/docs/modules/ethernet/net.sniff.md

@@ -5,31 +5,32 @@ sidebar:
   order: 4
 ---
 
-This module is a network packet sniffer and fuzzer supporting both [BPF syntax](http://biot.com/capstats/bpf.html) and regular expressions for filtering.
+A **network packet sniffer** and **fuzzer** module.
+Supports both [BPF syntax](http://biot.com/capstats/bpf.html) and regular expressions for filtering.
 
-It is also able to dissect several major protocols in order to harvest credentials.
+It can also **dissect major protocols** to harvest credentials.
 
 ## Commands
 
 ### `net.sniff on`
 
-Start the packet sniffer.
+Start the **packet sniffer**.
 
 ### `net.sniff off`
 
-Stop the packet sniffer.
+Stop the **packet sniffer**.
 
 ### `net.sniff stats`
 
-Print the packet sniffer session configuration and statistics.
+Print sniffer session configuration and statistics.
 
 ### `net.fuzz on`
 
-Enable fuzzing for every sniffed packet containing the specified layers.
+Enable **fuzzing** for sniffed packets containing specified layers.
 
 ### `net.fuzz off`
 
-Disable fuzzing.
+Disable **fuzzing**.
 
 ## Parameters
 

src/content/docs/modules/ethernet/proxies/http.proxy.md

@@ -3,17 +3,20 @@ title: http.proxy
 description: A full featured HTTP transparent proxy that can be scripted using JavaScript modules.
 ---
 
-A full featured HTTP transparent proxy that can be scripted using JavaScript modules. If used together with a [spoofer](/modules/ethernet/spoofers/introduction/), all HTTP traffic will be redirected to it and it will automatically handle port redirections as needed.
+A **transparent HTTP proxy** with **JavaScript scripting** support.
+
+When used with a [spoofer](/modules/ethernet/spoofers/introduction/), all **HTTP traffic** redirects to this proxy.
+Port redirections are handled automatically.
 
 ## Commands
 
 ### `http.proxy on`
 
-Start the HTTP proxy.
+Start the **HTTP proxy** server.
 
 ### `http.proxy off`
 
-Stop the HTTP proxy.
+Stop the **HTTP proxy** server.
 
 ## Parameters
 
@@ -31,7 +34,8 @@ Stop the HTTP proxy.
 
 ## Modules
 
-The `http.proxy` and `https.proxy` modules can be scripted using javascript files that must declare at least one of the following functions:
+The `http.proxy` and `https.proxy` modules can be scripted using **JavaScript files**.
+These files must declare at least one of the following functions:
 
 ```js
 // called when the script is loaded
@@ -70,7 +74,10 @@ function onCommand(cmd) {
 }
 ```
 
-Modules can change the `req` request and `res` response objects, for instance the [web-override.cap caplet](https://github.com/bettercap/caplets/blob/master/web-override/web-override.cap) is using the `onRequest` function in order to override every request before it is executed with a fake response:
+Modules can change the `req` request and `res` response objects.
+
+For instance, the [web-override.cap caplet](https://github.com/bettercap/caplets/blob/master/web-override/web-override.cap) uses the `onRequest` function.
+It overrides every request before execution with a **fake response**:
 
 ```js
 function onRequest(req, res) {
@@ -86,7 +93,8 @@ function onRequest(req, res) {
 }
 ```
 
-The [login-man-abuse.cap caplet](https://github.com/bettercap/caplets/blob/master/login-manager-abuse/login-man-abuse.cap) instead will use the `onResponse` handler to inject its malicious javascript file in every html response:
+The [login-man-abuse.cap caplet](https://github.com/bettercap/caplets/blob/master/login-manager-abuse/login-man-abuse.cap) uses the `onResponse` handler.
+It injects a **JavaScript file** into every HTML response:
 
 ```js
 function onResponse(req, res) {
@@ -108,10 +116,10 @@ function onResponse(req, res) {
 
 ### Builtin Functions
 
-The JS interpreter is [limited to ES5](https://github.com/robertkrimen/otto?tab=readme-ov-file#caveat-emptor) (no 
-for/of, typed arrays, classes... )
+The JS interpreter is [limited to ES5](https://github.com/robertkrimen/otto?tab=readme-ov-file#caveat-emptor).
+This means **no** `for/of`, typed arrays, or classes.
 
-Modules can use the following builtin functions.
+Modules can use the following **builtin functions**:
 
 | Function                                    | Description                                                                   |
 | ------------------------------------------- | ----------------------------------------------------------------------------- |
@@ -141,7 +149,10 @@ Modules can use the following builtin functions.
 
 ## Examples
 
-Will ARP spoof the whole network, enable sslstrip and inject a "Hello World" javascript alert to every HTML page being visited:
+### ARP Spoof with SSL Strip
+
+This example **ARP spoofs** the whole network.
+It enables **SSL strip** and injects a JavaScript alert to every HTML page:
 
 ```bash
 set http.proxy.injectjs alert("Hello World")
@@ -151,7 +162,9 @@ http.proxy on
 arp.spoof on
 ```
 
-Only proxy requests for `cnn.com` (including subdomains):
+### Whitelist Specific Domains
+
+Only proxy requests for `cnn.com` and its subdomains:
 
 ```bash
 set http.proxy.blacklist *