diff --git a/Offensive.md b/Offensive.md
index 464251f..7222fc9 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -290,6 +290,10 @@ Some tools can be categorized in more than one category. But because the current
A port of FuzzySecurity's UrbanBishop project for inline shellcode execution. The execution vector uses a
delegate vs an APC on a suspended threat at ntdll!RtlExitUserThread in UrbanBishop |
+
+ TheWover/GhostLoader |
+ GhostLoader - AppDomainManager - Injection - 攻壳机动队 |
+
r3nhat/XORedReflectiveDLL |
Reflective DLL Injection with obfuscated (XOR) shellcode |