From c920ab6f3fab9dfbc0d1058be53f61c8c97aa3ee Mon Sep 17 00:00:00 2001 From: pe3zx Date: Thu, 30 Sep 2021 17:06:41 +0700 Subject: [PATCH] Add: mgeeky/ShellcodeFluctuation to Defense Evasion section --- Offensive.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Offensive.md b/Offensive.md index ff9daa9..8fbc5cb 100644 --- a/Offensive.md +++ b/Offensive.md @@ -1331,6 +1331,10 @@ Some tools can be categorized in more than one category. But because the current med0x2e/SigFlip SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature. + + mgeeky/ShellcodeFluctuation + An in-memory evasion technique fluctuating shellcode memory protection between RW & RX and encrypting/decrypting contents + mgeeky/Stracciatella OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup @@ -1423,7 +1427,6 @@ Some tools can be categorized in more than one category. But because the current secretsquirrel/SigThief Stealing Signatures and Making One Invalid Signature at a Time - sinfulz/JustEvadeBro JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
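Review bot: In the first hunk (@@ -1331,6 +1331,10 @@), the new mgeeky/ShellcodeFluctuation description does not say when the protection flips and the encryption happen, so a reader scanning the Defense Evasion list cannot tell what distinguishes this entry from other in-memory tools. Consider adding the trigger or condition to the sentence and spelling out "RW & RX" as "read-write and read-execute" on first use. The first and last of the four added lines show no content in this view, so please confirm they carry the same row markup as the neighbouring med0x2e/SigFlip and mgeeky/Stracciatella entries. Placement between those two entries keeps the alphabetical order.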
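Review bot: The second hunk (@@ -1423,7 +1427,6 @@) deletes a line between secretsquirrel/SigThief and sinfulz/JustEvadeBro that the commit subject, "Add: mgeeky/ShellcodeFluctuation to Defense Evasion section", does not account for; the diffstat lists it as the single deletion. If this is a whitespace or markup cleanup, either mention it in the commit message or move it to its own commit so the history for the addition stays clean, and check that the table around sinfulz/JustEvadeBro still renders after the removal.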