From 09476e901bbce72b54bd60fa86ce494c09d3139d Mon Sep 17 00:00:00 2001
From: Shaun Dang <pulorsok@gmail.com>
Date: Fri, 21 Nov 2025 16:48:45 +0800
Subject: [PATCH] Update quark_script.rst

---
 docs/source/quark_script.rst | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/docs/source/quark_script.rst b/docs/source/quark_script.rst
index bf643f2c..a3e7445d 100644
--- a/docs/source/quark_script.rst
+++ b/docs/source/quark_script.rst
@@ -2734,8 +2734,10 @@ We use the `ovaa.apk <https://github.com/oversecured/ovaa>`_ sample to explain t
 
 .. image:: https://imgur.com/1zP5xkN.png
 
-Quark Script: CWE-940.py
-=========================
+CWE-940 Detection Process Using Quark Script API
+=================================================
+
+.. image:: https://i.postimg.cc/1XGWt89Q/jie-tu-2025-11-21-xia-wu4-46-36.png
 
 Let’s use the above APIs to show how the Quark script finds this vulnerability.
 
@@ -2745,6 +2747,11 @@ Next, we retrieve the methods that pass the URL. Then, we check if these methods
 
 If **YES**, it could imply that the APK uses communication channels without proper verification, which may cause CWE-940 vulnerability.
 
+Quark Script: CWE-940.py
+=========================
+
+.. image:: https://i.postimg.cc/pLTZNG5J/jie-tu-2025-11-21-xia-wu4-47-11.png
+
 .. code-block:: python
 
     from quark.script import runQuarkAnalysis, Rule