BeyondTrust · ccalvani · Apr 15, 2026 · Apr 15, 2026
diff --git a/README.md b/README.md
@@ -1,11 +1,14 @@
-# research
+# Research
 
-This repo contains a list of known security exploits and misconfigurations for various systems / software produced by BeyondTrust's research team.
-The repo aims to provide automated scripts to setup and then demonstrate how each exploit / misconfiguration can be used.
-This is designed to make BeyondTrust's research reproducible, so exploits can be better understood and recreated by a wider audience.
-The root level folders are organized into 'domains' with subfolders containing specific exploits within that domain.
+This repo contains security research produced by BeyondTrust's research teams. It includes known exploits, misconfigurations, and privilege references for various platforms and systems.
 
-## exploits
+The goal is to make BeyondTrust's research reproducible and accessible. Reference materials such as privilege tables and permission inventories are also included to support ongoing security analysis.
 
-- `entra` - Entra ID / Azure Active Directory 
-    - `apps` - security misconfigurations that revolve around highly privileged apps in Entra
+The root-level folders are organized by platform, with subfolders for specific research areas within each.
+
+## Contents
+
+- `entra` — Entra ID / Azure Active Directory
+  - `apps` — Security misconfigurations involving highly privileged apps in Entra
+- `salesforce` — Salesforce
+  - `permissions` — Inventory of Salesforce permissions and their privilege classifications
diff --git a/salesforce/.DS_Store b/salesforce/.DS_Store