diff --git a/README.md b/README.md
index 5a55c74..d6cd018 100644
--- a/README.md
+++ b/README.md
@@ -1685,6 +1685,10 @@ This repository is created as an online bookmark for useful links, resources and
MalwareSoup/MitreAttack |
Python wrapper for the Mitre ATT&CK framework API |
+
+ mandiant/Mandiant-Azure-AD-Investigator |
+ This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity |
+
markbaggett/srum-dump |
A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet. |