diff --git a/Offensive.md b/Offensive.md
index 3e243b0..ad59210 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -1713,6 +1713,10 @@ Some tools can be categorized in more than one category. But because the current
KoreLogicSecurity/wmkick |
WMkick is a TCP protocol redirector/MITM tool that targets NTLM authentication message flows in WMI (135/tcp) and Powershell-Remoting/WSMan/WinRM (5985/tcp) to capture NetNTLMv2 hashes. |
+
+ LuemmelSec/SAML2Spray |
+ Python Script for SAML2 Authentication Passwordspray |
+
m0rv4i/SafetyDump |
Dump stuff without touching disk |