Update tls_decryption.md

fixed some typos
kevino
2025-03-22 00:01:47 +05:30
committed by GitHub
parent 149024dc9a
commit ae8e6fcaa0
+4 -4
@@ -91,17 +91,17 @@ If you see the above error "*client does not trust proxy's certificate*" while d
- Alterntaively you can install the [LSposed](https://github.com/LSPosed/LSPosed) module. Then install the [sslunpinning](https://github.com/Xposed-Modules-Repo/io.github.tehcneko.sslunpinning/releases) module
- You can use [VirtualXposed](https://github.com/android-hacker/VirtualXposed) to virtualize your app, making it run as it was SDK 23 (Android 11 and later [currently not supported](https://github.com/android-hacker/VirtualXposed/issues/1073)). To do so, open VirtualXposed, select "Add App" and install the target application that you want to decrypt (use the "virtualxposed" method). Then in PCAPdroid, select VirtualXposed as the target app for the decryption. Virtualization is quite unreliable, so expect crashes.
#### Using rooted Android emulator
- If you don't want to root your device or can't root it, you can try the same above steps on a Android emulator and it should give the same results. The recommendations Android emulator is Android studios' defualt virtual device manager as it will provide you emulator with all sdk versions. For a guide on how to setup an android emulator and root it , you can refer this [Youtube tutorial](https://www.youtube.com/watch?v=QzsNn3GhYYk).
- If you don't want to root your device or can't root it, you can try the same above steps on a Android emulator and it should give the same results. The recommendation for Android emulator is Android studios' defualt virtual device manager as it will give you options of emulator with all sdk versions. A guide on how to setup an android emulator and root it ,refer [video tutorial](https://www.youtube.com/watch?v=QzsNn3GhYYk).
#### Patching an Android Apk.
- You can use [apk-mitm](https://github.com/shroudedcode/apk-mitm) which automates rebuilding the apk with the pinning logic disabled and signs the apk for installion without errors.
- Another tool that could be useful is [android-unpinner](https://github.com/mitmproxy/android-unpinner) which may have some benefits over apk-mitm tool.
- You can use [apktool](https://apktool.org/) to decompile the app, lower its target SDK to 23, and rebuild it.
- If you have the app source code and can build the app, refer to the [the Android guide](https://developer.android.com/training/articles/security-config.html) to trust the PCAPdroid CA.This would require you to have android studio or another IDE installed for editing the code and build the app. In the network security config xml, you can specify TLDs, for example `<domain includeSubdomains="true">com</domain>` to use the CA to mitm any `.com` domain. To specify the certificate, rename the PCAPdroid CA certificate you exported during the TLS decryption setup to `pcapdroid.crt` and place it under the `raw` resources folder. Please also note that some libraries may use a custom trust store, refer to their documentation on this subject.
#### Reverse engineering apks and other advanced topics.
- If none of the above mentioned method works, then the app may use custom pinning logic, in which case you will need to decompile the app , reverse engineer the app, and patch it. Commonly used softwares used for decompiling an app are [JADX](https://github.com/skylot/jadx) , [apktool](https://apktool.org/). For guide related to this refer a [blog](https://hackernoon.com/apk-decompilation-a-beginners-guide-for-reverse-engineers) and a [video tutorial](https://www.youtube.com/watch?v=QwwLSyRzNwo) by John Hammond.
- If none of the above mentioned method works, then the app may use custom pinning logic, in which case you will need to decompile the app , reverse engineer the app, and patch it. Commonly used softwares for decompiling apps are [JADX](https://github.com/skylot/jadx) , [apktool](https://apktool.org/). A guide on how to use this refer- [blog](https://hackernoon.com/apk-decompilation-a-beginners-guide-for-reverse-engineers) and a [video tutorial](https://www.youtube.com/watch?v=QwwLSyRzNwo) by John Hammond.
- Along with patching and Android app , you could take help of tools like [Objection](https://github.com/sensepost/objection) and [Frida tools](https://github.com/sensepost/objection) to bypass ssl pinning.
A full guide on how to use these tools you can refer this [youtube tutorial](https://www.youtube.com/watch?v=R3ptGaFW1AU) .Instead of using Burpsuite in tutorial you could just use pcapdroid-mitm or [externel-mitmproxy](https://github.com/emanuele-f/PCAPdroid/edit/gh-pages/tls_decryption.md#35-decrypting-via-an-external-mitmproxy) if you just want to decrypt TLS traffic.
- You can also refer the [OWASP mobile security](https://mas.owasp.org/MASTG/0x04c-Tampering-and-Reverse-Engineering/#references) website which has a repository of mobile application pen-testing and reverse-engineering [tools](https://mas.owasp.org/MASTG/tools/) discussed in-depth .You can refer various OWASP uncrackable app tutorials for more insight.
A full guide on how to use these tools you can refer this [video tutorial](https://www.youtube.com/watch?v=R3ptGaFW1AU). Instead of using burpsuite in tutorial you could just make use of pcapdroid-mitm or [externel-mitmproxy](https://github.com/emanuele-f/PCAPdroid/edit/gh-pages/tls_decryption.md#35-decrypting-via-an-external-mitmproxy) if you just want to decrypt TLS traffic.
- You can also refer the [OWASP mobile security](https://mas.owasp.org/MASTG/0x04c-Tampering-and-Reverse-Engineering/#references) website which has a repository of mobile application pen-testing and reverse-engineering [tools](https://mas.owasp.org/MASTG/tools/) discussed in-depth .You can refer various OWASP uncrackable app tutorials on youtube for more insight.
### 3.4.2 Certificate transparency
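Review bot: the typo fix is incomplete in the lines this hunk rewrites. The new emulator bullet still has "defualt", "a Android emulator" and "Android studios'", and the new tutorial line still reads "externel-mitmproxy". Suggest "default", "an Android emulator", "Android Studio's" and "external mitmproxy", and tidying the stray spacing in "root it ,refer" and "in-depth .You" while these lines are open. Two link targets are also worth correcting in the same pass: the external mitmproxy link in the new line points at the GitHub edit URL (`/edit/gh-pages/tls_decryption.md#35-decrypting-via-an-external-mitmproxy`) rather than the in-page anchor, and the "Frida tools" link in the unchanged Objection bullet reuses the Objection repository URL instead of pointing at Frida. The untouched context bullets also still carry "Alterntaively" and "installion", which fit the scope of a typo commit.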