diff --git a/Offensive.md b/Offensive.md
index cdea2dc..2bb9246 100644
--- a/Offensive.md
+++ b/Offensive.md
@@ -1146,6 +1146,16 @@ Some tools can be categorized in more than one category. But because the current
| matterpreter/SHAPESHIFTERmatterpreter/SHAPESHIFTER |
Companion PoC for the "Adventures in Dynamic Evasion" blog post |
+
+ | mdsecactivebreach/Chameleon |
+ Chameleon: A tool for evading Proxy categorisation |
+
+
+ | mdsecactivebreach/firewalker |
+ This repo contains a simple library which can be used to add FireWalker hook bypass capabilities to existing
+ code |
+
+
| med0x2e/NoAmci |
Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load(). |
@@ -1155,13 +1165,8 @@ Some tools can be categorized in more than one category. But because the current
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature. |
- | mdsecactivebreach/Chameleon |
- Chameleon: A tool for evading Proxy categorisation |
-
-
- | mdsecactivebreach/firewalker |
- This repo contains a simple library which can be used to add FireWalker hook bypass capabilities to existing
- code |
+ mgeeky/Stracciatella |
+ OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup |
| nccgroup/demiguise |