From 68f3449678a2bd12d968ee19817b341fdf7258b5 Mon Sep 17 00:00:00 2001 From: Shaun Dang Date: Tue, 16 Sep 2025 18:46:00 +0800 Subject: [PATCH 1/5] Document enhance for Quark Script CWE-925 --- docs/source/quark_script.rst | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst index 2d97d2ac..854b31fa 100644 --- a/docs/source/quark_script.rst +++ b/docs/source/quark_script.rst @@ -2330,8 +2330,11 @@ We use the `InsecureBankv2.apk Date: Wed, 17 Sep 2025 16:16:04 +0800 Subject: [PATCH 2/5] Fix images and improve clarity in quark_script.rst --- docs/source/quark_script.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst index 854b31fa..6e670894 100644 --- a/docs/source/quark_script.rst +++ b/docs/source/quark_script.rst @@ -2334,11 +2334,11 @@ We use the `InsecureBankv2.apk Date: Wed, 17 Sep 2025 16:21:04 +0800 Subject: [PATCH 3/5] Fix image links in quark_script.rst --- docs/source/quark_script.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst index 6e670894..981a0f70 100644 --- a/docs/source/quark_script.rst +++ b/docs/source/quark_script.rst @@ -2334,7 +2334,7 @@ We use the `InsecureBankv2.apk Date: Wed, 8 Oct 2025 13:18:27 +0800 Subject: [PATCH 4/5] Revise Quark Script CWE-601 documentation and images Updated images and section titles related to CWE-601 detection process. --- docs/source/quark_script.rst | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst index 981a0f70..7fac4536 100644 --- a/docs/source/quark_script.rst +++ b/docs/source/quark_script.rst 
@@ -2914,15 +2914,24 @@ Code of CWE-601 in ovaa.apk We use the `ovaa.apk `_ sample to explain the vulnerability code of CWE-601. -.. image:: https://imgur.com/I61pL2m.png +.. image:: https://i.postimg.cc/hjqKnKLN/2025-10-08-1-12-43.png -Quark Script: CWE-601.py -======================== + +CWE-601 Detection Process Using Quark Script API +================================================= + +.. image:: https://i.postimg.cc/T2tv7V4N/2025-10-08-1-14-40.png Let’s use the above APIs to show how the Quark script finds this vulnerability. To detect the vulnerability, we use the API ``findMethodInAPK(samplePath, targetMethod)`` to find all the caller methods of ``startActivity``. Next, we examine the arguments of each method to discover the methods receiving external input. If a method receives external input but lacks proper input validation, the CWE-601 vulnerability is identified. + +Quark Script: CWE-601.py +======================== + +.. image:: https://i.postimg.cc/g0HTwdFF/2025-10-08-1-16-15.png + .. code-block:: python from quark.script import findMethodInAPK From 0dc20443aa9dcaf9486bda7690640555be934405 Mon Sep 17 00:00:00 2001 From: Shaun Dang Date: Thu, 9 Oct 2025 09:19:47 +0800 Subject: [PATCH 5/5] Replace images in quark_script.rst Updated images in the CWE-601 detection process and Quark Script sections. --- docs/source/quark_script.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst index 7fac4536..39c24b33 100644 --- a/docs/source/quark_script.rst +++ b/docs/source/quark_script.rst @@ -2920,7 +2920,7 @@ We use the `ovaa.apk `_ sample to explain t CWE-601 Detection Process Using Quark Script API ================================================= -.. image:: https://i.postimg.cc/T2tv7V4N/2025-10-08-1-14-40.png +.. image:: https://i.postimg.cc/q75yxptk/2025-10-09-9-14-34.png Let’s use the above APIs to show how the Quark script finds this vulnerability. 
@@ -2930,7 +2930,7 @@ To detect the vulnerability, we use the API ``findMethodInAPK(samplePath, target Quark Script: CWE-601.py ======================== -.. image:: https://i.postimg.cc/g0HTwdFF/2025-10-08-1-16-15.png +.. image:: https://i.postimg.cc/wTwvm0Rm/2025-10-09-9-18-38.png .. code-block:: python
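Review bot: in the PATCH 4/5 hunk at ``@@ -2914,15 +2914,24 @@``, all three ``.. image::`` directives load from a third-party host (``https://i.postimg.cc/...``) and carry no ``:alt:`` option, so the CWE-601 walkthrough depends on content outside the repository that can disappear or be changed without a commit. Suggest committing the figures next to ``docs/source/quark_script.rst`` and referencing them by relative path, and adding an ``:alt:`` line to each directive that says what the figure shows. The new "CWE-601 Detection Process Using Quark Script API" section also opens with the figure and only then says "Let's use the above APIs"; a sentence introducing the figure before the directive would make clear what the reader is looking at.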
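Review bot: both hunks of PATCH 5/5 (``@@ -2920,7 +2920,7 @@`` and ``@@ -2930,7 +2930,7 @@``) only replace the ``i.postimg.cc`` URLs that PATCH 4/5 added one day earlier, so the series records two sets of links for the same two figures, with the first set superseded before merge. Suggest squashing 5/5 into 4/5 and having the commit message state what changed in the figures, since filenames such as ``2025-10-09-9-14-34.png`` say nothing about their content.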