diff --git a/README.md b/README.md
index fd19f93..5eeabc9 100644
--- a/README.md
+++ b/README.md
@@ -77,45 +77,104 @@ My curated list of awesome links, resources and tools
+
+ BloodHound |
+
+
+ |
+
+
+ Elasticsearch |
+
+
+ |
+
+
+ IDA Pro |
+
+
+ |
+
+
+ Masscan |
+
+
+ |
+
+
+ osquery |
+
+
+ |
+
+
+ Splunk |
+
+
+ |
+
+
+ Sysmon |
+
+
+ |
+
+
+ Radare2 |
+
+
+ |
+
+
+ Volatility |
+
+
+ |
+
+
+ WinDBG |
+
+
+ |
+
-- BloodHound
- - [Lay of the Land with BloodHound](http://threat.tevora.com/lay-of-the-land-with-bloodhound/)
-- Elasticsearch
- - [A Practical Introduction to Elasticsearch](https://www.elastic.co/blog/a-practical-introduction-to-elasticsearch)
-- IDA Pro
- - [IDA series, part 1: the Hex-Rays decompiler](https://qmemcpy.github.io/post/ida-series-1-hex-rays)
- - [IDA series, part 2: debugging a .NET executable](https://qmemcpy.github.io/post/ida-series-2-debugging-net)
-- Masscan
- - [A Masscan Tutorial and Primer](https://danielmiessler.com/study/masscan/#gs.zhlnvjE)
-- OSQuery
- - [Tracking a stolen code-signing certificate with osquery](https://blog.trailofbits.com/2017/10/10/tracking-a-stolen-code-signing-certificate-with-osquery/)
-- Splunk
- - [The Windows Splunk Logging Cheat Sheet](https://www.malwarearchaeology.com/s/Windows-Splunk-Logging-Cheat-Sheet-v20-spjb.pdf)
-- Sysmon
- - [Sysmon doing lines](http://www.hexacorn.com/blog/2017/10/02/sysmon-doing-lines/)
- - [Mhaggis/sysmon-dfir](https://github.com/MHaggis/sysmon-dfir)
-- Radare2
- - [A journey into Radare 2 – Part 1: Simple crackme](https://www.megabeets.net/a-journey-into-radare-2-part-1/)
- - [A journey into Radare 2 – Part 2: Exploitation](https://www.megabeets.net/a-journey-into-radare-2-part-2/)
- - [Emulating Assembly in Radare2](http://blog.superponible.com/2017/04/15/emulating-assembly-in-radare2/)
- - [Pwnable.kr - Passcode](https://github.com/chrysh/ctf_writeups/tree/master/pwnable.kr)
- - [radare2 as an alternative to gdb-peda](https://monosource.github.io/2016/10/radare2-peda)
-- Volatility
- - [Volatility, my own cheatsheet (Part 1): Image Identification](https://andreafortuna.org/volatility-my-own-cheatsheet-part-1-image-identification-9343c077f8da)
- - [Volatility, my own cheatsheet (Part 2): Processes and DLLs](https://andreafortuna.org/volatility-my-own-cheatsheet-part-2-processes-and-dlls-ba22050ba25a)
- - [Volatility, my own cheatsheet (Part 3): Process Memory](https://andreafortuna.org/volatility-my-own-cheatsheet-part-3-process-memory-a0470f378ad2)
- - [Volatility, my own cheatsheet (Part 4): Kernel Memory and Objects](https://andreafortuna.org/volatility-my-own-cheatsheet-part-4-kernel-memory-and-objects-af9c022bf32c)
- - [Volatility, my own cheatsheet (Part 5): Networking](https://andreafortuna.org/volatility-my-own-cheatsheet-part-5-networking-ae92834e2214)
- - [Volatility, my own cheatsheet (Part 6): Windows Registry](https://andreafortuna.org/volatility-my-own-cheatsheet-part-6-windows-registry-ddbea0e15ff5)
- - [Volatility, my own cheatsheet (Part 7): Analyze and convert crash dumps and hibernation files](https://andreafortuna.org/volatility-my-own-cheatsheet-part-7-analyze-and-convert-crash-dumps-and-hibernation-files-5d4b5b9c5194)
- - [Volatility, my own cheatsheet (Part 8): Filesystem](https://andreafortuna.org/volatility-my-own-cheatsheet-part-8-filesystem-5c1b710b091f)
- - [Using Yara rules with Volatility](https://isc.sans.edu/forums/diary/Using+Yara+rules+with+Volatility/22950/)
-- WinDBG
- - [Anti-Antidebugging WinDbg Scripts](https://vallejo.cc/2017/07/16/anti-antidebugging-windbg-scripts/)
- - [bulentrahimkazanci/Windbg-Cheat-Sheet](https://github.com/bulentrahimkazanci/Windbg-Cheat-Sheet)
- - [WinDBG and JavaScript Analysis](http://blog.talosintelligence.com/2017/08/windbg-and-javascript-analysis.html)
-
## Tools
### AWS Security