diff --git a/Offensive.md b/Offensive.md
index 600bf19..fb1e561 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -957,6 +957,10 @@ Some tools can be categorized in more than one category. But because the current
eloypgz/certi |
Utility to play with ADCS, allows to request tickets and collect information about related objects. Basically, it's the impacket copy of Certify. Thanks to @harmj0y and @tifkin_ for its great work with ADCS. |
+
+ EspressoCake/Toggle_Token_Privileges_BOF |
+ Syscall BOF to arbitrarily add/detract process token privilege rights. |
+
GhostPack/ForgeCert |
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory. |