From 36c2698395d79731ea6f07043fa4765188e28746 Mon Sep 17 00:00:00 2001
From: Omar Santos <santosomar@gmail.com>
Date: Fri, 4 Sep 2020 00:45:28 -0400
Subject: [PATCH] Update README.md

---
 web_application_testing/README.md | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/web_application_testing/README.md b/web_application_testing/README.md
index 14c1893..0d761c8 100644
--- a/web_application_testing/README.md
+++ b/web_application_testing/README.md
@@ -10,6 +10,10 @@ The following are a few popular tools that you learned in the video courses part
 * [sqlmap](http://sqlmap.org/)
 * [httrack](https://www.httrack.com/)
 * [skipfish](https://code.google.com/archive/p/skipfish/)
+* [nikto](https://cirt.net/Nikto2)
+* [ffuf](https://github.com/ffuf/ffuf) 
+
+Article: [A Quick Guide to Using ffuf with Burp Suite](https://medium.com/@santosomar/a-quick-guide-to-using-ffuf-with-burp-suite-713492f62242)
 
 ## WebSploit
 
@@ -17,12 +21,6 @@ The following are a few popular tools that you learned in the video courses part
 
 The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications.
 
-The following are the vulnerable applications included in [WebSploit](https://websploit.h4cker.org/):
-- Damn Vulnerable Web Application (DVWA)
-- WebGoat
-- Hackazon
-- OWASP Juice Shop
-- OWASP Mutillidae 2
 
 ## How to Integrate OWASP ZAP with Jenkins
 You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).