Fix typos in documentation

CONTRIBUTING.md

@@ -11,7 +11,7 @@ Before we get into the details of contributing code, you should know there are m
  - [Help fellow users with open issues]. This can require technical knowledge, but you can also get involved in conversations about bug reports and feature requests. This is a great way to get involved without getting too overwhelmed!
  - [Help fellow committers test recently submitted pull requests](https://github.com/rapid7/metasploit-framework/pulls). Again this can require some technical skill, but by pulling down a pull request and testing it, you can help ensure our new code contributions for stability and quality.
  - [Report a security vulnerability in Metasploit itself] to Rapid7. If you see something you think makes Metasploit vulnerable to an attack, let us know!
- - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native english speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.
+ - Add [module documentation]. New documentation is always needed and cleaning up existing documents is just as important! If you're a non-native English speaker, you can help by replacing any ambiguous idioms, metaphors, or unclear language that might make our documentation hard to understand.
 
 
 ## Code Contributions
@@ -26,7 +26,7 @@ will be closed. We need to ensure the code we're adding to master is written to
 We strive to respect the community that has given us so much, so in the odd situation where we get multiple submissions for the same vulnerability, generally we will work with the first person who assigns themselves to the issue or the first person that submits a good-faith PR.  A good-faith PR might not even work, but it will show that the author is working their way toward a solution.  Despite this general rule, there are rare circumstances where we may ask a contributor to step aside or allow a committer to take the lead on the creation of a new module if a complete and working module with documents has not already been submitted.  This kind of expedited module creation process comes up infrequently, and usually it involves high-profile or high priority modules that we have marked internally as time-critical: think KEV list, active exploitation campaigns, CISA announcements, etc.  In those cases, we may ask a contributor that is assigned to the issue or who has submitted an incomplete module to allow a committer to take over an issue or a module PR in the interest of getting a module out quickly.  If a contributor has submitted an incomplete module, they will remain as a co-author of the module and we may build directly onto the PR they submitted, leaving the original commits in the tree.  We sincerely hope that the original author will remain involved in this expedited module creation process.  We would appreciate testing, critiquing, and any assistance that can be offered.  If the module is complete but requires minor changes, we may ask the contributor to allow us to take over testing/verification and make these minor changes without asking so we can land the module as quickly as possible.  In these cases of minor code changes, the authorship of the module will remain unchanged.  We hope everyone involved in this expedited module creation process continues to feel valued and appreciated.
 
 ## Vibecoding, AI, and LLM
-My first job had a token ring LAN and I still own a Win98SE CD, so I'm not entirely sure what _vibecoding_ is, but we're cool with any coding technique you use to create a PR as long as it is tested, documented, and does what it says it does.  Untested code is incomplete code, and incomplete code should be marked as a draft PR or WIP (Work in Progress) until it is complete, tested, and ready for a committer to review.  We have had several sumbissions clearly from AI that were well-formatted, looked really neat, and did nothing it said it did.  While we have no problem with AI-assisted coding, please do not assume that the code generated by an AI or LLM is logically or even syntactically correct.
+My first job had a token ring LAN and I still own a Win98SE CD, so I'm not entirely sure what _vibecoding_ is, but we're cool with any coding technique you use to create a PR as long as it is tested, documented, and does what it says it does.  Untested code is incomplete code, and incomplete code should be marked as a draft PR or WIP (Work in Progress) until it is complete, tested, and ready for a committer to review.  We have had several submissions clearly from AI that were well-formatted, looked really neat, and did nothing it said it did.  While we have no problem with AI-assisted coding, please do not assume that the code generated by an AI or LLM is logically or even syntactically correct.
 
 ### Code Contribution Do's & Don'ts:
 Keeping the following in mind gives your contribution the best chance of landing!

docker/README.md

@@ -57,4 +57,4 @@ override.
 ```bash
 echo "COMPOSE_FILE=./docker-compose.yml:./docker-compose.override.yml:./docker-compose.local.override.yml" >> .env
 ```
-Now you should be able get reverse shells working
+Now you should be able to get reverse shells working

docs/metasploit-framework.wiki/Evading-Anti-Virus.md

@@ -6,4 +6,4 @@
 * [Facts and myths about antivirus evasion with Metasploit](http://schierlm.users.sourceforge.net/avevasion.html)
 * [Using metasm to avoid antivirus detection ghost writing asm](https://web.archive.org/web/20200330111926/https://www.pentestgeek.com/penetration-testing/using-metasm-to-avoid-antivirus-detection-ghost-writing-asm)
 
-There are approximately 14 million other resources out there on the why's and wherefores of evading antivirus, but the about articles should get you started.
+There are approximately 14 million other resources out there on the why's and wherefores of evading antivirus, but the above articles should get you started.

docs/metasploit-framework.wiki/Get-Started-Writing-an-Exploit.md

@@ -110,7 +110,7 @@ end
 
     * **Stability** - The Stability field describes how the exploit affects the system it's being run on, ex: `CRASH_SAFE`, `CRASH_OS_DOWN`
     * **Reliability** - The Reliability field describes how reliable the session is that gets returned by the exploit, ex: `REPEATABLE_SESSION`, `UNRELIABLE_SESSION`
-    * **SideEffects** - The SideEffects field describes the side effects cause by the exploit that the user should be aware of, ex: `ARTIFACTS_ON_DISK`, `IOC_IN_LOGS`, `ACCOUNT_LOCKOUTS`.
+    * **SideEffects** - The SideEffects field describes the side effects caused by the exploit that the user should be aware of, ex: `ARTIFACTS_ON_DISK`, `IOC_IN_LOGS`, `ACCOUNT_LOCKOUTS`.
 
 ### Non-required fields
 

docs/metasploit-framework.wiki/How-to-get-started-with-writing-an-auxiliary-module.md

@@ -41,7 +41,7 @@ include Msf::Auxiliary::Scanner
 
 A couple of new things will be added to your module when you include this mixin. You will have a new datastore option named "RHOSTS", which allows the user to specify multiple hosts. There's a new "THREADS" option, which allows the number of threads to run during execution. There's also "ShowProgress" and "ShowProgressPercent" for tracking scan progress.
 
-Typically, the main method for an auxiliary module is "def run". But when you use the ```Msf::Auxiliary::Scanenr``` mixin, you need to be using ```def run_host(ip)```. The IP parameter is the target machine.
+Typically, the main method for an auxiliary module is "def run". But when you use the ```Msf::Auxiliary::Scanner``` mixin, you need to be using ```def run_host(ip)```. The IP parameter is the target machine.
 
 ## Templates
 

documentation/modules/auxiliary/admin/aws/aws_launch_instances.md

@@ -54,9 +54,9 @@ retrieve deployment packages from S3.
 The VPC or Virtual Private Cloud, an isolated local area network. Network access
 can be made available by assigning an Internet routable IP address to a host or
 routing traffic to it through an ELB (Elastic Load Balancer). In either case
-security-groups are used to open access to network ranges and specific TPC/UDP
+security-groups are used to open access to network ranges and specific TCP/UDP
 ports. Security-groups provide much of the functionality of traditional firewalls
-and can be configured by specifying a protocol, a CIDR and a port. 
+and can be configured by specifying a protocol, a CIDR and a port.
 
 ## How it Works
 
@@ -65,7 +65,7 @@ Web console or the CLI, launching a host in the Cloud requires a fair
 amount of configuration; this module does its best to abstract configuration
 requirements away from the user by auto detecting the VPC, subnets, creating
 security groups, etc. It performs several tasks to launch a host with
-a public IP address, these are as follow: 1) select a VPC, 2) select a subnet, 3)
+a public IP address, these are as follows: 1) select a VPC, 2) select a subnet, 3)
 create/select a security group, 4) create/select a key-pair, and 5) launch
 a host.
 
@@ -80,7 +80,7 @@ an Internet routable IP address. The module dynamically finds which subnet to
 launch the host in. It will use the first subnet it finds having the
 `Auto-assign Public IP` option set, if no such subnet exists, then it will
 select the first subnet having an Internet gateway. To circumvent this process,
-the `SUBNET_ID` advanced option can be set. 
+the `SUBNET_ID` advanced option can be set.
 
 When launching a Cloud host at least one security group is required. There are
 several advanced options for creating/selecting a security group. The
@@ -88,7 +88,7 @@ several advanced options for creating/selecting a security group. The
 That is, the module will create a security group unless the `SEC_GROUP_ID`
 options is set. If the `SEC_GROUP_ID` option is not set, the module will attempt
 to create a security group using the values specified in the `SEC_GROUP_CIDR`,
-`SEC_GROUP_NAME`, and `SEC_GROUP_PORT` options as configuration. 
+`SEC_GROUP_NAME`, and `SEC_GROUP_PORT` options as configuration.
 
 The `KEY_NAME` and `SSH_PUB_KEY` options are used in conjunction to select or
 create a key-pair (a named SSH public key). Key-pairs are used to authenticate
@@ -113,7 +113,7 @@ use command. To run the module, only the `AccessKeyId`, `SecretAccessKey`, and
 Basic Options:
 
 * `AMI_ID`: The Amazon Machine Image (AMI) ID (region dependent)
-* `RHOST`: the AWS EC2 Endpoint (ec2.us-west-2.amazonaws.com), may change this to something closer to you
+* `RHOST`: The AWS EC2 Endpoint (ec2.us-west-2.amazonaws.com), may change this to something closer to you
 * `Region`: The default region (us-west-2), must match endpoint
 * `AccessKeyId`: AWS API access key
 * `SecretAccessKey`: AWS API secret access key
@@ -129,10 +129,10 @@ Advanced Options:
 * `MinCount`: Minimum number of instances to launch
 * `ROLE_NAME`: The instance profile/role name
 * `RPORT:` AWS EC2 Endpoint TCP Port
-* `SEC_GROUP_ID`: the EC2 security group to use
-* `SEC_GROUP_CIDR`: the EC2 security group network access CIDR, defaults to 0.0.0.0/0
-* `SEC_GROUP_NAME`: the EC2 security group name
-* `SEC_GROUP_PORT`: the EC2 security group network access port, defaults to tcp:22
+* `SEC_GROUP_ID`: The EC2 security group to use
+* `SEC_GROUP_CIDR`: The EC2 security group network access CIDR, defaults to 0.0.0.0/0
+* `SEC_GROUP_NAME`: The EC2 security group name
+* `SEC_GROUP_PORT`: The EC2 security group network access port, defaults to tcp:22
 * `SUBNET_ID`: The public subnet to use
 * `UserAgent`: The User-Agent header to use for all requests
 * `VPC_ID`: The EC2 VPC ID
@@ -181,7 +181,7 @@ msf auxiliary(aws_launch_instances) > run
 ...
 [*] instance i-12345678 status: ok
 [*] Instance i-12345678 has IP address 54.186.158.6
-[*] Auxiliary module execution completed 
+[*] Auxiliary module execution completed
 ```
 
 When the host has passed its primary system checks, the IP address will be

documentation/modules/auxiliary/admin/smb/ms17_010_command.md

@@ -65,7 +65,7 @@ This can be either the plain text version or the Windows hash.
 
 **Automatic Target**
 
-There are multiple targets available for exploit/windows/smb/psexec. The Automatic target is the default target. If the  Automatic target detects Powershell on the remote machine, it will try Powershell, otherwise it uses the natvie upload. Each target is explained below.
+There are multiple targets available for exploit/windows/smb/psexec. The Automatic target is the default target. If the  Automatic target detects Powershell on the remote machine, it will try Powershell, otherwise it uses the native upload. Each target is explained below.
 
 **Powershell Target**