diff --git a/README.md b/README.md
index 65137d8..b9ab709 100644
--- a/README.md
+++ b/README.md
@@ -441,14 +441,18 @@ My curated list of awesome links, resources and tools
hasherezade/libpeconv/runpe |
RunPE (aka Process Hollowing) is a well known technique allowing to injecting a new PE into a remote processes, imprersonating this process. The given implementation works for PE 32bit as well as 64bit. |
-
- LordNoteworthy/al-khaser |
- Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. |
-
IRIS-H |
IRIS-H is an online digital forensics tool that performs automated static analysis of files stored in a directory-based or strictly structured formats. |
+
+ katjahahn/PortEx |
+ Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness |
+
+
+ LordNoteworthy/al-khaser |
+ Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection. |
+
nsmfoo/antivmdetection |
Script to create templates to use with VirtualBox to make vm detection harder |