2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -60,7 +60,7 @@ The SAFE-MCP framework defines 14 tactics that align with the MITRE ATT&CK metho
| ATK-TA0001 | Initial Access | [SAFE-T1002](techniques/SAFE-T1002/README.md) | Supply Chain Compromise | Distribution of backdoored MCP server packages through unofficial repositories or compromised legitimate sources |
| ATK-TA0001 | Initial Access | [SAFE-T1003](techniques/SAFE-T1003/README.md) | Malicious MCP-Server Distribution | Adversary ships a trojanized server package or Docker image that users install, gaining foothold when the host registers its tools |
| ATK-TA0001 | Initial Access | [SAFE-T1004](techniques/SAFE-T1004/README.md) | Server Impersonation / Name-Collision | Attacker registers a server with the same name/URL as a trusted one, or hijacks discovery, so the client connects to them instead |
| ATK-TA0001 | Initial Access | SAFE-T1005 | Exposed Endpoint Exploit | Misconfigured public MCP endpoints (no auth, debug on) let attackers connect, enumerate tools or trigger RCE |
| ATK-TA0001 | Initial Access | [SAFE-T1005](techniques/SAFE-T1005/README.md) | Exposed Endpoint Exploit | Misconfigured public MCP endpoints (no auth, debug on) let attackers connect, enumerate tools or trigger RCE |
| ATK-TA0001 | Initial Access | [SAFE-T1006](techniques/SAFE-T1006/README.md) | User-Social-Engineering Install | Phishing/social posts persuade developers to "try this cool tool"; the installer silently registers dangerous capabilities |
| ATK-TA0001 | Initial Access | [SAFE-T1007](techniques/SAFE-T1007/README.md) | OAuth Authorization Phishing | Malicious MCP servers exploit OAuth flows to steal access tokens from legitimate services by tricking users during authorization |
| ATK-TA0001 | Initial Access | [SAFE-T1008](techniques/SAFE-T1008/README.md) | Tool Shadowing Attack | Malicious MCP servers impersonate or interfere with legitimate tools to hijack execution within MCP-based workflows through cross-server tool interference |
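Review bot: The SAFE-T1005 row now links to techniques/SAFE-T1005/README.md, but the visible diff only touches README.md (1 addition, 1 deletion), so nothing here shows that the target file exists. Please confirm the technique page is already on the base branch or include it in this PR; otherwise the index gains a dead link for the Exposed Endpoint Exploit entry while the neighbouring rows (SAFE-T1004, SAFE-T1006) resolve. A relative-link check in CI over this table would catch this kind of mismatch before merge.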