From b1e1f5c75bdf418db69930d445ff15c385415c2b Mon Sep 17 00:00:00 2001
From: Hakan Altindag <hakangoudberg@hotmail.com>
Date: Sun, 17 Nov 2019 01:48:35 +0100
Subject: [PATCH 01/15] Added Hakky54/mutual-tls-ssl

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 6d8937c..fcf0d3f 100644
--- a/README.md
+++ b/README.md
@@ -769,6 +769,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
+- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication
 
 <a name="practices-aws"></a>
 ### AWS

From 5838408a64610a15e88fae4338d0a055d52fb6b1 Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 29 Feb 2020 15:45:59 +0800
Subject: [PATCH 02/15] Update README.md

---
 README-jp.md | 3 ---
 README-zh.md | 3 +--
 README.md    | 3 ---
 3 files changed, 1 insertion(+), 8 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index 4b04dd2..874be86 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -752,12 +752,9 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [James Kettle](http://albinowax.skeletonscribe.net/) - Head of Research at [PortSwigger Web Security](https://portswigger.net/).
 - [Broken Browser](https://www.brokenbrowser.com/) - Fun with Browser Vulnerabilities.
 - [Scrutiny](https://datarift.blogspot.tw/) - Internet Security through Web Browsers by Dhiraj Mishra.
-- [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
 - [BRETT BUERHAUS](https://buer.haus/) - Vulnerability disclosures and rambles on application security.
 - [n0tr00t](https://www.n0tr00t.com/) - ~# n0tr00t Security Team.
 - [OpnSec](https://opnsec.com/) - Open Mind Security!
-- [LoRexxar](https://lorexxar.cn/) - 带着对技术的敬畏之心成长，不安于一隅...
-- [Wfox](http://sec2hack.com/) - 技术宅，热衷各种方面。
 - [RIPS Technologies](https://blog.ripstech.com/tags/security/) - Write-ups for PHP vulnerabilities.
 - [0Day Labs](http://blog.0daylabs.com/) - Awesome bug-bounty and challenges writeups.
 - [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
diff --git a/README-zh.md b/README-zh.md
index be27986..2720765 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -797,15 +797,14 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [James Kettle](http://albinowax.skeletonscribe.net/) - Head of Research at [PortSwigger Web Security](https://portswigger.net/).
 - [Broken Browser](https://www.brokenbrowser.com/) - Fun with Browser Vulnerabilities.
 - [Scrutiny](https://datarift.blogspot.tw/) - Internet Security through Web Browsers by Dhiraj Mishra.
-- [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
 - [BRETT BUERHAUS](https://buer.haus/) - Vulnerability disclosures and rambles on application security.
 - [n0tr00t](https://www.n0tr00t.com/) - ~# n0tr00t Security Team.
 - [OpnSec](https://opnsec.com/) - Open Mind Security!
 - [LoRexxar](https://lorexxar.cn/) - 带着对技术的敬畏之心成长，不安于一隅...
-- [Wfox](http://sec2hack.com/) - 技术宅，热衷各种方面。
 - [RIPS Technologies](https://blog.ripstech.com/tags/security/) - Write-ups for PHP vulnerabilities.
 - [0Day Labs](http://blog.0daylabs.com/) - Awesome bug-bounty and challenges writeups.
 - [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
+- [What is Security?](https://kingx.me/) - Focus on Penetration Testing / Frontend Security / JavaScript Magic / APT Offense & Defense / Java Security.
 
 ## Twitter Users
 
diff --git a/README.md b/README.md
index 5a16132..f14f2d2 100644
--- a/README.md
+++ b/README.md
@@ -747,12 +747,9 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [James Kettle](http://albinowax.skeletonscribe.net/) - Head of Research at [PortSwigger Web Security](https://portswigger.net/).
 - [Broken Browser](https://www.brokenbrowser.com/) - Fun with Browser Vulnerabilities.
 - [Scrutiny](https://datarift.blogspot.tw/) - Internet Security through Web Browsers by Dhiraj Mishra.
-- [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
 - [BRETT BUERHAUS](https://buer.haus/) - Vulnerability disclosures and rambles on application security.
 - [n0tr00t](https://www.n0tr00t.com/) - ~# n0tr00t Security Team.
 - [OpnSec](https://opnsec.com/) - Open Mind Security!
-- [LoRexxar](https://lorexxar.cn/) - 带着对技术的敬畏之心成长，不安于一隅...
-- [Wfox](http://sec2hack.com/) - 技术宅，热衷各种方面。
 - [RIPS Technologies](https://blog.ripstech.com/tags/security/) - Write-ups for PHP vulnerabilities.
 - [0Day Labs](http://blog.0daylabs.com/) - Awesome bug-bounty and challenges writeups.
 - [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.

From f7850160c6de47bce5ad57e21530919eb38628e8 Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 29 Feb 2020 15:49:01 +0800
Subject: [PATCH 03/15] Update README.md

---
 README-zh.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README-zh.md b/README-zh.md
index 2720765..c750f34 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -805,6 +805,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [0Day Labs](http://blog.0daylabs.com/) - Awesome bug-bounty and challenges writeups.
 - [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
 - [What is Security?](https://kingx.me/) - Focus on Penetration Testing / Frontend Security / JavaScript Magic / APT Offense & Defense / Java Security.
+- [l1nk3r's blog](http://www.lmxspace.com/) - Web security.
 
 ## Twitter Users
 

From dbda144c740352d212be4b193879493d63f7bedc Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sun, 22 Mar 2020 15:13:51 +0800
Subject: [PATCH 04/15] Update README.md

---
 README-jp.md | 1 -
 README-zh.md | 1 -
 README.md    | 1 -
 3 files changed, 3 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index 874be86..e698054 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -523,7 +523,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622](http://www.phrack.org/papers/attacking_javascript_engines.html) - Written by [phrack@saelo.net](phrack@saelo.net).
 - [Three roads lead to Rome](http://blogs.360.cn/360safe/2016/11/29/three-roads-lead-to-rome-2/) - Written by [@holynop](https://twitter.com/holynop).
 - [Exploiting a V8 OOB write.](https://halbecaf.com/2017/05/24/exploiting-a-v8-oob-write/) - Written by [@halbecaf](https://twitter.com/halbecaf).
-- [FROM CRASH TO EXPLOIT: CVE-2015-6086 – OUT OF BOUND READ/ASLR BYPASS](http://payatu.com/from-crash-to-exploit/) - Written by [payatu](http://payatu.com/).
 - [SSD Advisory – Chrome Turbofan Remote Code Execution](https://blogs.securiteam.com/index.php/archives/3379) - Written by [SecuriTeam Secure Disclosure (SSD)](https://blogs.securiteam.com/).
 - [Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11](https://labs.bluefrostsecurity.de/files/Look_Mom_I_Dont_Use_Shellcode-WP.pdf) - Written by [@moritzj](http://twitter.com/moritzj).
 - [PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT](https://www.zerodayinitiative.com/blog/2018/2/12/pushing-webkits-buttons-with-a-mobile-pwn2own-exploit) - Written by [@wanderingglitch](https://twitter.com/wanderingglitch).
diff --git a/README-zh.md b/README-zh.md
index c750f34..ad650ce 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -565,7 +565,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622](http://www.phrack.org/papers/attacking_javascript_engines.html) - Written by [phrack@saelo.net](phrack@saelo.net).
 - [Three roads lead to Rome](http://blogs.360.cn/360safe/2016/11/29/three-roads-lead-to-rome-2/) - Written by [@holynop](https://twitter.com/holynop).
 - [Exploiting a V8 OOB write.](https://halbecaf.com/2017/05/24/exploiting-a-v8-oob-write/) - Written by [@halbecaf](https://twitter.com/halbecaf).
-- [FROM CRASH TO EXPLOIT: CVE-2015-6086 – OUT OF BOUND READ/ASLR BYPASS](http://payatu.com/from-crash-to-exploit/) - Written by [payatu](http://payatu.com/).
 - [SSD Advisory – Chrome Turbofan Remote Code Execution](https://blogs.securiteam.com/index.php/archives/3379) - Written by [SecuriTeam Secure Disclosure (SSD)](https://blogs.securiteam.com/).
 - [Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11](https://labs.bluefrostsecurity.de/files/Look_Mom_I_Dont_Use_Shellcode-WP.pdf) - Written by [@moritzj](http://twitter.com/moritzj).
 - [PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT](https://www.zerodayinitiative.com/blog/2018/2/12/pushing-webkits-buttons-with-a-mobile-pwn2own-exploit) - Written by [@wanderingglitch](https://twitter.com/wanderingglitch).
diff --git a/README.md b/README.md
index f14f2d2..de0851c 100644
--- a/README.md
+++ b/README.md
@@ -517,7 +517,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622](http://www.phrack.org/papers/attacking_javascript_engines.html) - Written by [phrack@saelo.net](phrack@saelo.net).
 - [Three roads lead to Rome](http://blogs.360.cn/360safe/2016/11/29/three-roads-lead-to-rome-2/) - Written by [@holynop](https://twitter.com/holynop).
 - [Exploiting a V8 OOB write.](https://halbecaf.com/2017/05/24/exploiting-a-v8-oob-write/) - Written by [@halbecaf](https://twitter.com/halbecaf).
-- [FROM CRASH TO EXPLOIT: CVE-2015-6086 – OUT OF BOUND READ/ASLR BYPASS](http://payatu.com/from-crash-to-exploit/) - Written by [payatu](http://payatu.com/).
 - [SSD Advisory – Chrome Turbofan Remote Code Execution](https://blogs.securiteam.com/index.php/archives/3379) - Written by [SecuriTeam Secure Disclosure (SSD)](https://blogs.securiteam.com/).
 - [Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11](https://labs.bluefrostsecurity.de/files/Look_Mom_I_Dont_Use_Shellcode-WP.pdf) - Written by [@moritzj](http://twitter.com/moritzj).
 - [PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT](https://www.zerodayinitiative.com/blog/2018/2/12/pushing-webkits-buttons-with-a-mobile-pwn2own-exploit) - Written by [@wanderingglitch](https://twitter.com/wanderingglitch).

From 148d6a04daff6e8a39c17de7cd97029c06ea1d4d Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sun, 22 Mar 2020 16:05:46 +0800
Subject: [PATCH 05/15] Update README.md

---
 README-jp.md | 2 +-
 README-zh.md | 2 +-
 README.md    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index e698054..7b8c53c 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -829,7 +829,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [CSS Is So Overpowered It Can Deanonymize Facebook Users](https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/) - Written by [Ruslan Habalov](https://www.evonide.com/).
 - [Introduction to Web Application Security](https://www.slideshare.net/nragupathy/introduction-to-web-application-security-blackhoodie-us-2018) - Written by [@itsC0rg1](https://twitter.com/itsC0rg1), [@jmkeads](https://twitter.com/jmkeads) and [@matir](https://twitter.com/matir).
 - [Finding The Real Origin IPs Hiding Behind CloudFlare or TOR](https://www.secjuice.com/finding-real-ips-of-origin-servers-behind-cloudflare-or-tor/) - Written by [Paul Dannewitz](https://www.secjuice.com/author/paul-dannewitz/).
-- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob?fbclid=IwAR0BQ7RmYGzQzsL33IJ2LM7lmlH0OSuIuxKLebUUBi1D51R-9UOnHrW0DQg) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
+- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
 - [How I could have stolen your photos from Google - my first 3 bug bounty writeups](https://blog.avatao.com/How-I-could-steal-your-photos-from-Google/) - Written by [@gergoturcsanyi](https://twitter.com/gergoturcsanyi).
 - [An example why NAT is NOT security](https://0day.work/an-example-why-nat-is-not-security/) - Written by [@0daywork](https://twitter.com/@0daywork).
 - [WEB APPLICATION PENETRATION TESTING NOTES](https://techvomit.net/web-application-penetration-testing-notes/) - Written by [Jayson](https://techvomit.net/).
diff --git a/README-zh.md b/README-zh.md
index ad650ce..a1b5c0b 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -880,7 +880,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [CSS Is So Overpowered It Can Deanonymize Facebook Users](https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/) - Written by [Ruslan Habalov](https://www.evonide.com/).
 - [Introduction to Web Application Security](https://www.slideshare.net/nragupathy/introduction-to-web-application-security-blackhoodie-us-2018) - Written by [@itsC0rg1](https://twitter.com/itsC0rg1), [@jmkeads](https://twitter.com/jmkeads) and [@matir](https://twitter.com/matir).
 - [Finding The Real Origin IPs Hiding Behind CloudFlare or TOR](https://www.secjuice.com/finding-real-ips-of-origin-servers-behind-cloudflare-or-tor/) - Written by [Paul Dannewitz](https://www.secjuice.com/author/paul-dannewitz/).
-- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob?fbclid=IwAR0BQ7RmYGzQzsL33IJ2LM7lmlH0OSuIuxKLebUUBi1D51R-9UOnHrW0DQg) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
+- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
 - [How I could have stolen your photos from Google - my first 3 bug bounty writeups](https://blog.avatao.com/How-I-could-steal-your-photos-from-Google/) - Written by [@gergoturcsanyi](https://twitter.com/gergoturcsanyi).
 - [An example why NAT is NOT security](https://0day.work/an-example-why-nat-is-not-security/) - Written by [@0daywork](https://twitter.com/@0daywork).
 - [WEB APPLICATION PENETRATION TESTING NOTES](https://techvomit.net/web-application-penetration-testing-notes/) - Written by [Jayson](https://techvomit.net/).
diff --git a/README.md b/README.md
index de0851c..81e707e 100644
--- a/README.md
+++ b/README.md
@@ -824,7 +824,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [CSS Is So Overpowered It Can Deanonymize Facebook Users](https://www.evonide.com/side-channel-attacking-browsers-through-css3-features/) - Written by [Ruslan Habalov](https://www.evonide.com/).
 - [Introduction to Web Application Security](https://www.slideshare.net/nragupathy/introduction-to-web-application-security-blackhoodie-us-2018) - Written by [@itsC0rg1](https://twitter.com/itsC0rg1), [@jmkeads](https://twitter.com/jmkeads) and [@matir](https://twitter.com/matir).
 - [Finding The Real Origin IPs Hiding Behind CloudFlare or TOR](https://www.secjuice.com/finding-real-ips-of-origin-servers-behind-cloudflare-or-tor/) - Written by [Paul Dannewitz](https://www.secjuice.com/author/paul-dannewitz/).
-- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob?fbclid=IwAR0BQ7RmYGzQzsL33IJ2LM7lmlH0OSuIuxKLebUUBi1D51R-9UOnHrW0DQg) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
+- [Why Facebook's api starts with a for loop](https://dev.to/antogarand/why-facebooks-api-starts-with-a-for-loop-1eob) - Written by [@AntoGarand](https://twitter.com/AntoGarand).
 - [How I could have stolen your photos from Google - my first 3 bug bounty writeups](https://blog.avatao.com/How-I-could-steal-your-photos-from-Google/) - Written by [@gergoturcsanyi](https://twitter.com/gergoturcsanyi).
 - [An example why NAT is NOT security](https://0day.work/an-example-why-nat-is-not-security/) - Written by [@0daywork](https://twitter.com/@0daywork).
 - [WEB APPLICATION PENETRATION TESTING NOTES](https://techvomit.net/web-application-penetration-testing-notes/) - Written by [Jayson](https://techvomit.net/).

From 0626d00cad7a2db062d9e035b6c87b449c21e26b Mon Sep 17 00:00:00 2001
From: Hakan Altindag <hakangoudberg@hotmail.com>
Date: Mon, 4 May 2020 10:23:20 +0200
Subject: [PATCH 06/15] Copied references to jp and zh markdown files

---
 README-jp.md | 1 +
 README-zh.md | 1 +
 README.md    | 2 +-
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/README-jp.md b/README-jp.md
index 7b8c53c..189bb90 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -780,6 +780,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
+- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS
diff --git a/README-zh.md b/README-zh.md
index a1b5c0b..7e2c345 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -828,6 +828,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
+- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS
diff --git a/README.md b/README.md
index ec284b7..71a9203 100644
--- a/README.md
+++ b/README.md
@@ -775,7 +775,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
-- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication
+- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS

From 6ae9ab9cf5376b373aa71a2e4331f779d71544f0 Mon Sep 17 00:00:00 2001
From: Hakan Altindag <hakangoudberg@hotmail.com>
Date: Tue, 5 May 2020 18:11:20 +0200
Subject: [PATCH 07/15] Applied feedback and added idea files to gitignore

---
 .gitignore   | 3 +++
 README-jp.md | 2 +-
 README-zh.md | 2 +-
 README.md    | 2 +-
 4 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index 63123fb..d73c63e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,4 @@
 .DS_store
+
+*.iml
+.idea
\ No newline at end of file
diff --git a/README-jp.md b/README-jp.md
index 189bb90..3f5f925 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -275,6 +275,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 ### SSL/TLS
 
 - [SSL & TLS Penetration Testing](https://www.aptive.co.uk/blog/tls-ssl-security-testing/) - Written by [APTIVE](https://www.aptive.co.uk/).
+- [Practical introduction to SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) - Written by [@Hakky54](https://github.com/Hakky54).
 
 <a name="webmail"></a>
 ### Webmail
@@ -780,7 +781,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
-- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS
diff --git a/README-zh.md b/README-zh.md
index 7e2c345..a71cd7e 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -293,6 +293,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 ### SSL/TLS
 
 - [SSL & TLS Penetration Testing](https://www.aptive.co.uk/blog/tls-ssl-security-testing/) - Written by [APTIVE](https://www.aptive.co.uk/).
+- [Practical introduction to SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) - Written by [@Hakky54](https://github.com/Hakky54).
 
 <a name="webmail"></a>
 ### Webmail
@@ -828,7 +829,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
-- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS
diff --git a/README.md b/README.md
index 71a9203..9c73ea1 100644
--- a/README.md
+++ b/README.md
@@ -272,6 +272,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 ### SSL/TLS
 
 - [SSL & TLS Penetration Testing](https://www.aptive.co.uk/blog/tls-ssl-security-testing/) - Written by [APTIVE](https://www.aptive.co.uk/).
+- [Practical introduction to SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) - Written by [@Hakky54](https://github.com/Hakky54).
 
 <a name="webmail"></a>
 ### Webmail
@@ -775,7 +776,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Hackxor](http://hackxor.net/) - Realistic web application hacking game - Written by [@albinowax](https://twitter.com/albinowax).
 - [SELinux Game](http://selinuxgame.org/) - Learn SELinux by doing. Solve Puzzles, show skillz - Written by [@selinuxgame](https://twitter.com/selinuxgame).
 - [Portswigger Web Security Academy](https://portswigger.net/web-security) - Free trainings and labs - Written by [PortSwigger](https://portswigger.net/).
-- [Encrypting with SSL/TLS](https://github.com/Hakky54/mutual-tls-ssl) Step by step guide for encrypting client and server communication - Written by [Hakky54](https://github.com/Hakky54).
 
 <a name="practices-aws"></a>
 ### AWS

From 9ea61e1caa1d44f36173a51e62569cbe9904c6a9 Mon Sep 17 00:00:00 2001
From: Hakan Altindag <hakangoudberg@hotmail.com>
Date: Thu, 7 May 2020 17:49:24 +0200
Subject: [PATCH 08/15] Reverted changes of gitignore

---
 .gitignore | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index d73c63e..63123fb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1 @@
 .DS_store
-
-*.iml
-.idea
\ No newline at end of file

From c401e47030dbd4d91c1ae4f4b4e0f4e6f56d31ec Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 20:23:26 +0800
Subject: [PATCH 09/15] Reorg

---
 README-jp.md | 23 +++++++++++------------
 README-zh.md | 31 +++++++++++++++----------------
 README.md    | 23 +++++++++++------------
 3 files changed, 37 insertions(+), 40 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index 7b8c53c..cc74205 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -18,9 +18,9 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
+- [Digests](#digest)
 - [Forums](#forums)
 - [Introduction](#intro)
-  - [Tips](#tips)
   - [XSS](#xss---cross-site-scripting)
   - [Prototype Pollution](#prototype-pollution)
   - [CSV Injection](#csv-injection)
@@ -112,6 +112,16 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Community](#community)
 - [Miscellaneous](#miscellaneous)
 
+## Digests
+
+- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
+- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
+- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
+- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
+- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
+- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
+- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
+
 ## Forums
 
 - [Phrack Magazine](http://www.phrack.org/) - Ezine written by and for hackers.
@@ -124,17 +134,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 <a name="intro"></a>
 ## Introduction
 
-<a name="tips"></a>
-### Tips
-
-- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
-- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
-- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
-- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
-- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
-- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
-- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
 <a name="xss"></a>
 ### XSS - Cross-Site Scripting
 
diff --git a/README-zh.md b/README-zh.md
index a1b5c0b..6cf17e6 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -18,9 +18,9 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
+- [Digests](#digest)
 - [Forums](#forums)
 - [Introduction](#intro)
-  - [Tips](#tips)
   - [XSS](#xss---cross-site-scripting)
   - [Prototype Pollution](#prototype-pollution)
   - [CSV Injection](#csv-injection)
@@ -112,6 +112,20 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Community](#community)
 - [Miscellaneous](#miscellaneous)
 
+## Digests
+
+- [梧桐百科 - 碎片化知识学习](https://tricking.io/) - Written by [@phith0n](https://github.com/phith0n).
+- [phith0n/Mind-Map](https://github.com/phith0n/Mind-Map) - Written by [@phith0n](https://github.com/phith0n).
+- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
+- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
+- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
+- [腾讯玄武实验室安全动态推送](https://xuanwulab.github.io/cn/secnews/2018/01/01/index.html) - Written by [腾讯玄武实验室](http://xlab.tencent.com/cn/).
+- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
+- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
+- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
+- [Got Your PW](https://gotyour.pw/) - Written by [@s3131212](https://github.com/s3131212).
+- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
+
 ## Forums
 
 - [Phrack Magazine](http://www.phrack.org/) - Ezine written by and for hackers.
@@ -133,21 +147,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 <a name="intro"></a>
 ## Introduction
 
-<a name="tips"></a>
-### Tips
-
-- [梧桐百科 - 碎片化知识学习](https://tricking.io/) - Written by [@phith0n](https://github.com/phith0n).
-- [phith0n/Mind-Map](https://github.com/phith0n/Mind-Map) - Written by [@phith0n](https://github.com/phith0n).
-- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
-- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
-- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
-- [腾讯玄武实验室安全动态推送](https://xuanwulab.github.io/cn/secnews/2018/01/01/index.html) - Written by [腾讯玄武实验室](http://xlab.tencent.com/cn/).
-- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
-- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
-- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
-- [Got Your PW](https://gotyour.pw/) - Written by [@s3131212](https://github.com/s3131212).
-- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
 <a name="xss"></a>
 ### XSS - Cross-Site Scripting
 
diff --git a/README.md b/README.md
index 81e707e..acb6076 100644
--- a/README.md
+++ b/README.md
@@ -18,9 +18,9 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
+- [Digests](#digest)
 - [Forums](#forums)
 - [Introduction](#intro)
-  - [Tips](#tips)
   - [XSS](#xss---cross-site-scripting)
   - [Prototype Pollution](#prototype-pollution)
   - [CSV Injection](#csv-injection)
@@ -112,6 +112,16 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Community](#community)
 - [Miscellaneous](#miscellaneous)
 
+## Digests
+
+- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
+- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
+- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
+- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
+- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
+- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
+- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
+
 ## Forums
 
 - [Phrack Magazine](http://www.phrack.org/) - Ezine written by and for hackers.
@@ -124,17 +134,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 <a name="intro"></a>
 ## Introduction
 
-<a name="tips"></a>
-### Tips
-
-- [Hacker101](https://www.hacker101.com/) - Written by [hackerone](https://www.hackerone.com/start-hacking).
-- [The Daily Swig - Web security digest](https://portswigger.net/daily-swig) - Written by [PortSwigger](https://portswigger.net/).
-- [Web Application Security Zone by Netsparker](https://www.netsparker.com/blog/web-security/) - Written by [Netsparker](https://www.netsparker.com/).
-- [Infosec Newbie](https://www.sneakymonkey.net/2017/04/23/infosec-newbie/) - Written by [Mark Robinson](https://www.sneakymonkey.net/).
-- [The Magic of Learning](https://bitvijays.github.io/) - Written by [@bitvijays](https://bitvijays.github.io/aboutme.html).
-- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Written by [Trail of Bits](https://www.trailofbits.com/).
-- [PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/) - Written by [@swisskyrepo](https://github.com/swisskyrepo).
-
 <a name="xss"></a>
 ### XSS - Cross-Site Scripting
 

From 8710266a043c0809ae72fb2af1a8db8d53f6217e Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 20:24:53 +0800
Subject: [PATCH 10/15] fix the anchor

---
 README-jp.md | 2 +-
 README-zh.md | 2 +-
 README.md    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index cb00e65..2e77d45 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -18,7 +18,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
-- [Digests](#digest)
+- [Digests](#digests)
 - [Forums](#forums)
 - [Introduction](#intro)
   - [XSS](#xss---cross-site-scripting)
diff --git a/README-zh.md b/README-zh.md
index 74f0a85..6779540 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -18,7 +18,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
-- [Digests](#digest)
+- [Digests](#digests)
 - [Forums](#forums)
 - [Introduction](#intro)
   - [XSS](#xss---cross-site-scripting)
diff --git a/README.md b/README.md
index 3ca0a36..b87bcae 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
-- [Digests](#digest)
+- [Digests](#digests)
 - [Forums](#forums)
 - [Introduction](#intro)
   - [XSS](#xss---cross-site-scripting)

From 342b0c4ec3262091c44794d5abf6be2f2e838787 Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 20:31:36 +0800
Subject: [PATCH 11/15] Reorg

---
 README-jp.md | 11 +++++------
 README-zh.md | 23 +++++++++++------------
 README.md    | 11 +++++------
 3 files changed, 21 insertions(+), 24 deletions(-)

diff --git a/README-jp.md b/README-jp.md
index 2e77d45..716cccf 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -50,7 +50,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Crypto](#crypto)
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
-  - [Books](#books)
   - [DNS Rebinding](#dns-rebinding)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
@@ -75,6 +74,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
   - [Database](#pocs-database)
+- [Cheetsheets](#cheetsheets)
 - [Tools](#tools)
   - [Auditing](#tools-auditing)
   - [Command Injection](#tools-command-injection)
@@ -327,11 +327,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [102 Deep Dive in the Dark Web OSINT Style Kirby Plessas](https://www.youtube.com/watch?v=fzd3zkAI_o4) - Presented by [@kirbstr](https://twitter.com/kirbstr).
 - [The most complete guide to finding anyone’s email](https://www.blurbiz.io/blog/the-most-complete-guide-to-finding-anyones-email) - Written by [Timur Daudpota](https://www.blurbiz.io/).
 
-<a name="books"></a>
-### Books
-
-- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
-
 <a name="dns-rebinding"></a>
 ### DNS Rebinding
 
@@ -541,6 +536,10 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [SPLOITUS](https://sploitus.com/) - Exploits & Tools Search Engine by [@i_bo0om](https://twitter.com/i_bo0om).
 - [Exploit Database](https://www.exploit-db.com/) - ultimate archive of Exploits, Shellcode, and Security Papers by [Offensive Security](https://www.offensive-security.com/).
 
+## Cheetsheets
+
+- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
+
 ## Tools
 
 <a name="tools-auditing"></a>
diff --git a/README-zh.md b/README-zh.md
index 6779540..d0a8096 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -50,7 +50,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Crypto](#crypto)
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
-  - [Books](#books)
   - [DNS Rebinding](#dns-rebinding)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
@@ -75,6 +74,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
   - [Database](#pocs-database)
+- [Cheetsheets](#cheetsheets)
 - [Tools](#tools)
   - [Auditing](#tools-auditing)
   - [Command Injection](#tools-command-injection)
@@ -348,17 +348,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [102 Deep Dive in the Dark Web OSINT Style Kirby Plessas](https://www.youtube.com/watch?v=fzd3zkAI_o4) - Presented by [@kirbstr](https://twitter.com/kirbstr).
 - [The most complete guide to finding anyone’s email](https://www.blurbiz.io/blog/the-most-complete-guide-to-finding-anyones-email) - Written by [Timur Daudpota](https://www.blurbiz.io/).
 
-<a name="books"></a>
-### Books
-
-- [Security Geek 2016 - Part. A](http://bobao.360.cn/download/book/security-geek-2016-A.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [Security Geek 2016 - Part. B](http://bobao.360.cn/download/book/security-geek-2016-B.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [Security Geek 2017 - Q1](http://bobao.360.cn/download/book/security-geek-2017-q1.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [Security Geek 2017 - Q2](http://bobao.360.cn/download/book/security-geek-2017-q2.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [Security Geek 2017 - Q3](http://bobao.360.cn/download/book/security-geek-2017-q3.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [Security Geek 2017 - Q4](https://static.anquanke.com/download/b/security-geek-2017-q4.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
-- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
-
 <a name="dns-rebinding"></a>
 ### DNS Rebinding
 
@@ -583,6 +572,16 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [SPLOITUS](https://sploitus.com/) - Exploits & Tools Search Engine by [@i_bo0om](https://twitter.com/i_bo0om).
 - [Exploit Database](https://www.exploit-db.com/) - ultimate archive of Exploits, Shellcode, and Security Papers by [Offensive Security](https://www.offensive-security.com/).
 
+## Cheetsheets
+
+- [Security Geek 2016 - Part. A](http://bobao.360.cn/download/book/security-geek-2016-A.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [Security Geek 2016 - Part. B](http://bobao.360.cn/download/book/security-geek-2016-B.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [Security Geek 2017 - Q1](http://bobao.360.cn/download/book/security-geek-2017-q1.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [Security Geek 2017 - Q2](http://bobao.360.cn/download/book/security-geek-2017-q2.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [Security Geek 2017 - Q3](http://bobao.360.cn/download/book/security-geek-2017-q3.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [Security Geek 2017 - Q4](https://static.anquanke.com/download/b/security-geek-2017-q4.pdf) - Written by [360网络攻防实验室](https://weibo.com/360adlab).
+- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
+
 ## Tools
 
 <a name="tools-auditing"></a>
diff --git a/README.md b/README.md
index b87bcae..146c165 100644
--- a/README.md
+++ b/README.md
@@ -50,7 +50,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Crypto](#crypto)
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
-  - [Books](#books)
   - [DNS Rebinding](#dns-rebinding)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
@@ -75,6 +74,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
   - [Database](#pocs-database)
+- [Cheetsheets](#cheetsheets)
 - [Tools](#tools)
   - [Auditing](#tools-auditing)
   - [Command Injection](#tools-command-injection)
@@ -324,11 +324,6 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [102 Deep Dive in the Dark Web OSINT Style Kirby Plessas](https://www.youtube.com/watch?v=fzd3zkAI_o4) - Presented by [@kirbstr](https://twitter.com/kirbstr).
 - [The most complete guide to finding anyone’s email](https://www.blurbiz.io/blog/the-most-complete-guide-to-finding-anyones-email) - Written by [Timur Daudpota](https://www.blurbiz.io/).
 
-<a name="books"></a>
-### Books
-
-- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
-
 <a name="dns-rebinding"></a>
 ### DNS Rebinding
 
@@ -535,6 +530,10 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [SPLOITUS](https://sploitus.com/) - Exploits & Tools Search Engine by [@i_bo0om](https://twitter.com/i_bo0om).
 - [Exploit Database](https://www.exploit-db.com/) - ultimate archive of Exploits, Shellcode, and Security Papers by [Offensive Security](https://www.offensive-security.com/).
 
+## Cheetsheets
+
+- [XSS Cheat Sheet - 2018 Edition](https://leanpub.com/xss) - Written by [@brutelogic](https://twitter.com/brutelogic).
+
 ## Tools
 
 <a name="tools-auditing"></a>

From 610a6fc26c288857aaa2eab0622d83f5126ac222 Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 20:55:13 +0800
Subject: [PATCH 12/15] add 'Deserialization' section

---
 README-jp.md | 6 ++++++
 README-zh.md | 6 ++++++
 README.md    | 6 ++++++
 3 files changed, 18 insertions(+)

diff --git a/README-jp.md b/README-jp.md
index 716cccf..5131005 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -51,6 +51,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
   - [DNS Rebinding](#dns-rebinding)
+  - [Deserialization](#deserialization)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
   - [CSP](#evasions-csp)
@@ -333,6 +334,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking Private Networks from the Internet with DNS Rebinding](https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325) - Written by [@brannondorsey](https://medium.com/@brannondorsey)
 - [Hacking home routers from the Internet](https://medium.com/@radekk/hackers-can-get-access-to-your-home-router-1ddadd12a7a7) - Written by [@radekk](https://medium.com/@radekk)
 
+<a name="deserialization"></a>
+### Deserialization
+
+- [What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.](https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/) - Written by [@breenmachine](https://twitter.com/breenmachine).
+
 ## Evasions
 
 <a name="evasions-xxe"></a>
diff --git a/README-zh.md b/README-zh.md
index d0a8096..c02690b 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -51,6 +51,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
   - [DNS Rebinding](#dns-rebinding)
+  - [Deserialization](#deserialization)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
   - [CSP](#evasions-csp)
@@ -354,6 +355,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking Private Networks from the Internet with DNS Rebinding](https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325) - Written by [@brannondorsey](https://medium.com/@brannondorsey)
 - [Hacking home routers from the Internet](https://medium.com/@radekk/hackers-can-get-access-to-your-home-router-1ddadd12a7a7) - Written by [@radekk](https://medium.com/@radekk)
 
+<a name="deserialization"></a>
+### Deserialization
+
+- [What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.](https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/) - Written by [@breenmachine](https://twitter.com/breenmachine).
+
 ## Evasions
 
 <a name="evasions-xxe"></a>
diff --git a/README.md b/README.md
index 146c165..98a0955 100644
--- a/README.md
+++ b/README.md
@@ -51,6 +51,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Shell](#web-shell)
   - [OSINT](#osint)
   - [DNS Rebinding](#dns-rebinding)
+  - [Deserialization](#deserialization)
 - [Evasions](#evasions)
   - [XXE](#evasions-xxe)
   - [CSP](#evasions-csp)
@@ -330,6 +331,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Attacking Private Networks from the Internet with DNS Rebinding](https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325) - Written by [@brannondorsey](https://medium.com/@brannondorsey)
 - [Hacking home routers from the Internet](https://medium.com/@radekk/hackers-can-get-access-to-your-home-router-1ddadd12a7a7) - Written by [@radekk](https://medium.com/@radekk)
 
+<a name="deserialization"></a>
+### Deserialization
+
+- [What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.](https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/) - Written by [@breenmachine](https://twitter.com/breenmachine).
+
 ## Evasions
 
 <a name="evasions-xxe"></a>

From 22ce6e5cd633650b688db3731f4ee1b0b2a76f13 Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 21:57:57 +0800
Subject: [PATCH 13/15] add 'Tricks of Deserialization' section

---
 README-jp.md | 6 ++++++
 README-zh.md | 6 ++++++
 README.md    | 6 ++++++
 3 files changed, 18 insertions(+)

diff --git a/README-jp.md b/README-jp.md
index 5131005..a8e64c6 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Cache Poisoning](#tricks-web-cache-poisoning)
   - [Header Injection](#tricks-header-injection)
   - [URL](#tricks-url)
+  - [Deserialization](#tricks-deserialization)
   - [Others](#tricks-others)
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
@@ -492,6 +493,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
 - [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
 
+<a name="tricks-deserialization"></a>
+### Deserialization
+
+- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
+
 <a name="tricks-others"></a>
 ### Others
 
diff --git a/README-zh.md b/README-zh.md
index c02690b..0d24b57 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Cache Poisoning](#tricks-web-cache-poisoning)
   - [Header Injection](#tricks-header-injection)
   - [URL](#tricks-url)
+  - [Deserialization](#tricks-deserialization)
   - [Others](#tricks-others)
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
@@ -523,6 +524,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
 - [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
 
+<a name="tricks-deserialization"></a>
+### Deserialization
+
+- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
+
 <a name="tricks-others"></a>
 ### Others
 
diff --git a/README.md b/README.md
index 98a0955..82c695b 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Web Cache Poisoning](#tricks-web-cache-poisoning)
   - [Header Injection](#tricks-header-injection)
   - [URL](#tricks-url)
+  - [Deserialization](#tricks-deserialization)
   - [Others](#tricks-others)
 - [Browser Exploitation](#browser-exploitation)
 - [PoCs](#pocs)
@@ -488,6 +489,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
 - [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
 
+<a name="tricks-deserialization"></a>
+### Deserialization
+
+- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
+
 <a name="tricks-others"></a>
 ### Others
 

From f8ba02ec6ef8d234e6e17f39e492e51af1e2683b Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Sat, 9 May 2020 22:05:52 +0800
Subject: [PATCH 14/15] add an article

---
 README-jp.md | 1 +
 README-zh.md | 1 +
 README.md    | 1 +
 3 files changed, 3 insertions(+)

diff --git a/README-jp.md b/README-jp.md
index a8e64c6..b894725 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -848,6 +848,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Alexa Top 1 Million Security - Hacking the Big Ones](https://slashcrypto.org/data/itsecx2018.pdf) - Written by [@slashcrypto](https://twitter.com/slashcrypto).
 - [The bug bounty program that changed my life](http://10degres.net/the-bug-bounty-program-that-changed-my-life/) - Written by [Gwen](http://10degres.net/).
 - [List of bug bounty writeups](https://pentester.land/list-of-bug-bounty-writeups.html) - Written by [Mariem](https://pentester.land/).
+- [Implications of Loading .NET Assemblies](https://threatvector.cylance.com/en_us/home/implications-of-loading-net-assemblies.html) - Written by [Brian Wallace](https://threatvector.cylance.com/en_us/contributors/brian-wallace.html).
 
 ## Code of Conduct
 
diff --git a/README-zh.md b/README-zh.md
index 0d24b57..22fa530 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -899,6 +899,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Alexa Top 1 Million Security - Hacking the Big Ones](https://slashcrypto.org/data/itsecx2018.pdf) - Written by [@slashcrypto](https://twitter.com/slashcrypto).
 - [The bug bounty program that changed my life](http://10degres.net/the-bug-bounty-program-that-changed-my-life/) - Written by [Gwen](http://10degres.net/).
 - [List of bug bounty writeups](https://pentester.land/list-of-bug-bounty-writeups.html) - Written by [Mariem](https://pentester.land/).
+- [Implications of Loading .NET Assemblies](https://threatvector.cylance.com/en_us/home/implications-of-loading-net-assemblies.html) - Written by [Brian Wallace](https://threatvector.cylance.com/en_us/contributors/brian-wallace.html).
 
 ## Code of Conduct
 
diff --git a/README.md b/README.md
index 82c695b..57eb2ce 100644
--- a/README.md
+++ b/README.md
@@ -843,6 +843,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [Alexa Top 1 Million Security - Hacking the Big Ones](https://slashcrypto.org/data/itsecx2018.pdf) - Written by [@slashcrypto](https://twitter.com/slashcrypto).
 - [The bug bounty program that changed my life](http://10degres.net/the-bug-bounty-program-that-changed-my-life/) - Written by [Gwen](http://10degres.net/).
 - [List of bug bounty writeups](https://pentester.land/list-of-bug-bounty-writeups.html) - Written by [Mariem](https://pentester.land/).
+- [Implications of Loading .NET Assemblies](https://threatvector.cylance.com/en_us/home/implications-of-loading-net-assemblies.html) - Written by [Brian Wallace](https://threatvector.cylance.com/en_us/contributors/brian-wallace.html).
 
 ## Code of Conduct
 

From d30865ea9d38309fa8d1e6f68e11930628549b1f Mon Sep 17 00:00:00 2001
From: Saikiran Uppu <iamsaikiran.official@gmail.com>
Date: Sat, 9 May 2020 10:48:33 -0400
Subject: [PATCH 15/15] Update README-jp.md

---
 README-jp.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README-jp.md b/README-jp.md
index b894725..32874a5 100644
--- a/README-jp.md
+++ b/README-jp.md
@@ -105,6 +105,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
   - [Others](#tools-others)
 - [Social Engineering Database](#social-engineering-database)
 - [Blogs](#blogs)
+- [CheatSheets](#cheatsheets)
 - [Twitter Users](#twitter-users)
 - [Practices](#practices)
   - [Application](#practices-application)
@@ -769,6 +770,10 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 - [0Day Labs](http://blog.0daylabs.com/) - Awesome bug-bounty and challenges writeups.
 - [Blog of Osanda](https://osandamalith.com/) - Security Researching and Reverse Engineering.
 
+## CheatSheets
+
+- [Capture the Flag CheatSheet](https://github.com/uppusaikiran/awesome-ctf-cheatsheet#awesome-ctf-cheatsheet-) - Security Cheatsheet.
+
 ## Twitter Users
 
 - [@HackwithGitHub](https://twitter.com/HackwithGithub) - Initiative to showcase open source hacking tools for hackers and pentesters