Add abusing RFC 2142 trick to Web Application Security section

README.md

@@ -15,13 +15,13 @@ My curated list of awesome links, resources and tools
     - [Malware Analysis](#malware-analysis)
     - [Reverse Engineering](#reverse-engineering)
     - [Tutorials](#tutorials)
-    - [Web Application Security](#web-application-security-1)
+    - [Web Application Security](#web-application-security)
 - [Tools](#tools)
 	- [AWS Security](#aws-security)
     - [Binary Analysis](#binary-analysis)
     - [Cryptography](#cryptography)
     - [Data Exfiltration](#data-exfiltration)
-    - [Digital Forensics and Incident Response](#digital-forensics-and-incident-response)
+    - [Digital Forensics and Incident Response](#digital-forensics-and-incident-response-1)
     - [Exploits](#exploits)
     - [Malware Analysis](#malware-analysis-1)
     - [Mobile Securtiy](#mobile-security)
@@ -30,7 +30,7 @@ My curated list of awesome links, resources and tools
     - [Privacy](#privacy)
     - [Social Engineering](#social-engineering)
     - [Vulnerable](#vulnerable)
-    - [Web Application Security](#web-application-security)
+    - [Web Application Security](#web-application-security-1)
     - [Windows](#windows)
 
 ---
@@ -514,6 +514,9 @@ My curated list of awesome links, resources and tools
 
 *Web application security related articles and tutorials*
 
+- [Gaining access for HTTPS certificate by abusing RFC2142.](https://twitter.com/spazef0rze/status/942800411941048320)
+    - Using `admin@`, `administrator@`, `hostmaster@`, postmaster@`, `webmaster@` for email address
+
 ### SQL Injection
 
 - [NetSPI SQL Injection Wiki](https://sqlwiki.netspi.com/)