From c9ca2f1f07edbadd3e0f2c5b3997586703092b8f Mon Sep 17 00:00:00 2001 From: Jurriaan Bremer Date: Thu, 10 Aug 2017 02:12:16 +0200 Subject: [PATCH] include sflock and httpreplay --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 23998b5..fa87e7b 100644 --- a/README.md +++ b/README.md @@ -409,6 +409,8 @@ the [browser malware](#browser-malware) section.* libraries for dealing with binary files. * [Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving tool. +* [SFlock](https://github.com/jbremer/sflock) - Nested archive + extraction/unpacking (used in Cuckoo Sandbox). ## Deobfuscation @@ -551,6 +553,9 @@ the [browser malware](#browser-malware) section.* * [Haka](http://www.haka-security.org/) - An open source security oriented language for describing protocols and applying security policies on (live) captured traffic. +* [HTTPReplay](https://github.com/jbremer/httpreplay) - Library for parsing + and reading out PCAP files, including TLS streams using TLS Master Secrets + (used in Cuckoo Sandbox). * [INetSim](http://www.inetsim.org/) - Network service emulation, useful when building a malware lab. * [Laika BOSS](https://github.com/lmco/laikaboss) - Laika BOSS is a file-centric
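Review bot: In the first hunk (README.md, after the Scalpel entry near line 409), the SFlock description "Nested archive extraction/unpacking" is a bare noun phrase that does not say whether the project is a library or a command-line tool, unlike its neighbour "Another data carving tool". Suggest naming what it is first and then what it does, for example "Library for unpacking nested archives", using whichever noun is accurate. It is also worth confirming that this section is the right home for an archive unpacker, since the visible neighbours are a binary-file library and a data carving tool.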
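Review bot: In the second hunk (README.md, between the Haka and INetSim entries near line 553), the phrase "including TLS streams using TLS Master Secrets" does not say where the master secrets come from. If the caller has to supply them alongside the capture, the entry should say so, for example "can decrypt TLS streams when given the TLS master secrets", so readers do not assume it decrypts arbitrary captured TLS traffic. Smaller points on the same lines: "parsing and reading out PCAP files" says the same thing twice and could be "parsing PCAP files", and "Master Secrets" does not need capitals.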