diff --git a/WPScan-User-Documentation.md b/WPScan-User-Documentation.md
index 44575b0..f0ba061 100644
--- a/WPScan-User-Documentation.md
+++ b/WPScan-User-Documentation.md
@@ -116,25 +116,25 @@ Here we have put together a bunch of common commands that will help you get star
 
 _NOTE: Get your API token from [wpscan.com](https://wpscan.com/) if you also want the vulnerabilities associated with the detected plugin displaying._
 
-- For all plugins with known vulnerabilities:
+#### For all plugins with known vulnerabilities:
 
 `wpscan --url example.com -e vp --plugins-detection mixed --api-token YOUR_TOKEN`
 
-- For all plugins in our database (could take a very long time):
+#### For all plugins in our database (could take a very long time):
 
 `wpscan --url example.com -e ap --plugins-detection mixed --api-token YOUR_TOKEN`
 
-- Password brute force attack
+#### Password brute force attack
 
 `wpscan --url example.com -e u --passwords /path/to/password_file.txt`
 
 ### Docker Cheat Sheet
 
-- Pull the Docker repository
+#### Pull the Docker repository
 
 `docker pull wpscanteam/wpscan`
 
-- Run WPScan and enumerate usernames
+#### Run WPScan and enumerate usernames
 
 `docker run -it --rm wpscanteam/wpscan --url https://target.tld/ --enumerate u`
 
@@ -147,7 +147,7 @@ docker run --rm --mount type=bind,source=$HOME/docker-bind,target=/output wpscan
 
 The `wpscan-output.txt` file now exists on the host machine at `~/docker-bind/wpscan-output.txt`.
 
-- Pass password list to Docker container
+#### Pass password list to Docker container
 
 ```
 docker run -it --rm -v /Users/__macuser__/:/__containerdirectory__ wpscanteam/wpscan --url http://example..com/ --passwords /__containerdirectory__/passwords.txt