From 93d76033b6061bbd157190f3d63327d286bd34cd Mon Sep 17 00:00:00 2001 From: John Hammond Date: Tue, 6 Feb 2018 16:48:08 -0500 Subject: [PATCH] Added more to Forensics --- README.md | 38 ++++++++++++++++++++++++++++++++++++-- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1faa5f4..1c64c4b 100644 --- a/README.md +++ b/README.md @@ -247,12 +247,29 @@ PDF Files * [`pdfdetach`][pdfdetach] - A command-line tool to extract files out of a [PDF] + A command-line tool to extract files out of a [PDF]. Forensics ----------- +* [Magic Numbers] + + The starting values that identify a file format. These are often crucial for programs to properly read a certain file type, so they must be correct. If some files are acting strangely, try verifying their [magic number] with a [trusted list of file signatures](https://en.wikipedia.org/wiki/List_of_file_signatures). + +* [`hexed.it`][hexed.it] + + An online tool that allows you to modify the hexadecimal and binary values of an uploaded file. This is a good tool for correcting files with a corrupt [magic number] + +* [`dumpzilla`][dumpzilla] + + A [Python] script to examine a `.mozilla` configuration file, to examine downloads, bookmarks, history or bookmarks and registered passwords. Usage may be as such: + +``` +python dumpzilla.py .mozilla/firefox/c3a958fk.default/ --Downloads --History --Bookmarks --Passwords +``` + + * `foremost` A command-line tool to carve files out of another file. Usage is `foremost [filename]` and it will create an `output` directory. @@ -301,6 +318,10 @@ Web ``` +* [`wpscan`][wpscan] + + * A Ruby script to scan and do reconnaissance on a [Wordpress] application. + * Cookie Catcher 
@@ -382,6 +403,12 @@ VisualBasicScript Reversing --------------------------- +Miscellaneous +---------- + +* 15 Puzzle + + A sliding puzzle that consists of a 4x4 grid with numbered square tiles, with one missing, set in a random order. It was involved in SharifCTF to determine if a group of these puzzles was solvable: [https://theromanxpl0it.github.io/ctf_sharifctf18/fifteenpuzzle/](https://theromanxpl0it.github.io/ctf_sharifctf18/fifteenpuzzle/) [steghide]: http://steghide.sourceforge.net/ @@ -428,4 +455,11 @@ VisualBasicScript Reversing [XSS]: https://en.wikipedia.org/wiki/Cross-site_scripting [HTML]: https://en.wikipedia.org/wiki/HTML [JavaScript]: https://en.wikipedia.org/wiki/JavaScript -[PEiD]: https://www.aldeid.com/wiki/PEiD \ No newline at end of file +[PEiD]: https://www.aldeid.com/wiki/PEiD +[wpscan]: https://wpscan.org/ +[Ruby]: https://www.ruby-lang.org/en/ +[Wordpress]: https://en.wikipedia.org/wiki/WordPress +[dumpzilla]: http://www.dumpzilla.org/ +[hexed.it]: https://hexed.it/ +[Magic Numbers]: https://en.wikipedia.org/wiki/Magic_number_(programming)#Magic_numbers_in_files +[Magic Number]: https://en.wikipedia.org/wiki/Magic_number_(programming)#Magic_numbers_in_files \ No newline at end of file
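Review bot: In the Forensics hunk (`@@ -247,12 +247,29 @@`), the `dumpzilla` entry calls `.mozilla` a "configuration file" while the usage line passes a profile directory (`.mozilla/firefox/c3a958fk.default/`), and the artifact list repeats itself ("downloads, bookmarks, history or bookmarks and registered passwords"). Suggest describing the argument as a Firefox profile directory, listing each artifact once, and replacing the specific profile name with a placeholder such as `<profile>.default` so readers do not copy it literally. The `hexed.it` description is also missing the closing period that this same hunk adds to the `pdfdetach` line.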
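Review bot: In the Web hunk (`@@ -301,6 +318,10 @@`), the `wpscan` description is added as a nested bullet (`* A Ruby script to scan ...`), whereas the entries added in the Forensics hunk use a plain indented paragraph under the tool name; drop the inner `*` so the list renders consistently. "Ruby" is plain text here even though this patch adds a `[Ruby]` link reference that nothing else in the diff uses, so write it as `[Ruby]`.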
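Review bot: In the `@@ -382,6 +403,12 @@` hunk, the new `Miscellaneous` heading is added immediately after the `Reversing` heading's underline, which leaves `Reversing` with no content of its own and makes the 15 Puzzle entry read as part of it; add a blank line before the new heading and confirm this is the intended position. The underline (`----------`) is also shorter than the ones on the neighbouring headings, and the SharifCTF write-up is linked as `[url](url)` where the rest of the file uses reference-style links defined at the bottom. The sentence "It was involved in SharifCTF to determine if a group of these puzzles was solvable" would read better as a statement that the challenge asked whether given puzzles were solvable.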
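Review bot: In the link-reference hunk (`@@ -428,4 +455,11 @@`), the change restores the missing newline after the `[PEiD]` line but the new last line, `[Magic Number]: ...`, again ends with `\ No newline at end of file`; terminate the file with a newline so the next append does not have to touch this line. `[Magic Numbers]` and `[Magic Number]` point at the same URL, which is fine as long as both labels are needed by the text, and `[dumpzilla]` is the only added reference that uses `http://`, so switch it to `https://` if the site serves it. The subject line says "Added more to Forensics", yet the patch also touches the Web and Miscellaneous sections; consider saying so in the commit message.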