diff --git a/README.md b/README.md
index 20e4c2a..1c39f12 100644
--- a/README.md
+++ b/README.md
@@ -1131,6 +1131,10 @@ My curated list of awesome links, resources and tools
FAME |
FAME Automates Malware Evaluation |
+
+ glmcdona/Process-Dump |
+ Windows tool for dumping malware PE files from memory back to disk for analysis. |
+
hasherezade/libpeconv/runpe |
RunPE (aka Process Hollowing) is a well known technique allowing to injecting a new PE into a remote processes, imprersonating this process. The given implementation works for PE 32bit as well as 64bit. |