From 45ab93fc264dea4c1a07093def3a51dff091f09b Mon Sep 17 00:00:00 2001
From: daniel_sagi <daniel.sagi@aquasec.com>
Date: Wed, 18 Jul 2018 19:40:56 +0300
Subject: [PATCH] minor changes to readme, added categories to vulnerabilities

---
 README.md     | 1 -
 src/README.md | 8 +++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 4dd1572..e8127c3 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,6 @@ To specify remote machines for hunting, you can use the `--remote` option. Examp
 
 Active hunting is an option in which Kube Hunter will exploit vulnerabilities it finds, in order to explore for further vulnerabilities.
 The main difference between normal and active hunting is that a normal hunt will never change state of the cluster, while active hunting can potentially do state-changing and harmful operations on the cluster.
-When active, evidence of vulnerabilities will be added to the final report.
 To active hunt a cluster, use the `--active` flag. Example:  
 `./kube-hunter.py --remote some.domain.com --active`  
 
diff --git a/src/README.md b/src/README.md
index f406c82..316e07f 100644
--- a/src/README.md
+++ b/src/README.md
@@ -112,8 +112,9 @@ lets see some examples of creating different types of events:
 ```python  
 class ExposedMasterCN(Vulnerability, Event):  
     """Explanation about this vulnerability and what it can do when exploited"""  
-    def __init__(self):  
-        Vulnerability.__init__(self, component=KubernetesCluster, name="Master Exposed From Certificate")  
+    def __init__(self, master_ip):  
+        Vulnerability.__init__(self, component=KubernetesCluster, name="Master Exposed From Certificate", category=InformationDisclosure)
+        self.evidence = master_ip
 ```  
   
 ### Service  
@@ -174,4 +175,5 @@ If another Hunter subscribes to the events that this Hunter publishes, if can  a
   
 ## Proving Vulnerabilities  
 The process of proving vulnerabilities, is the base concept of the Active Hunting.    
-To prove a vulnerability, create an `ActiveHunter` that is subscribed to the vulnerability, and inside of the `execute`, specify the `evidence` attribute of the event.  
\ No newline at end of file
+To prove a vulnerability, create an `ActiveHunter` that is subscribed to the vulnerability, and inside of the `execute`, specify the `evidence` attribute of the event.   
+*Note that you can specify the 'evidence' attribute without active hunting*  
\ No newline at end of file