diff --git a/README.md b/README.md
index 8952915..5ee9221 100644
--- a/README.md
+++ b/README.md
@@ -71,6 +71,10 @@ This repository is created as an online bookmark for useful links, resources and
endgameinc/RTA |
RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK |
+
+ fireeye/capa |
+ capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate. |
+
jymchoeng/AutoTTP |
Automated Tactics Techniques & Procedures |