From 68df1815ec18f5573ea1e28dee47b6de94adaa9c Mon Sep 17 00:00:00 2001 From: kh4sh3i Date: Sat, 8 Jan 2022 20:36:39 +0330 Subject: [PATCH] Update README.md --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 8aa149f..f58da18 100644 --- a/README.md +++ b/README.md @@ -149,6 +149,9 @@ A curated list of awesome malware analysis tools and resources * [yara](https://github.com/VirusTotal/yara) * [Python 3.8.0](https://www.python.org/downloads/release/python-380/) - for ret-sync & ida module * [yara-python](https://pypi.org/project/yara-python/) - require for ida module +* [ret-sync](https://github.com/bootleg/ret-sync) - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers. + + ### malicious Windows API * malware tye @@ -190,6 +193,7 @@ A curated list of awesome malware analysis tools and resources * .pdb file is so important for detection function name and indexing of system dll that use in malware * in vmware we can suspend vm and copy .vmem for memory analysis. the file size is equal to whole memory size * in ida pro use [tab] key to decompile code, use [x] key to find how many time item called in pe file +* in x64dbg with [F9] key we jumping to entrypoint of program, main function, work with F7,F8 for jumping code
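Review bot: In the first hunk (README.md @@ -149,6 +149,9 @@), the new ret-sync entry is added below the `Python 3.8.0 ... - for ret-sync & ida module` line that already depends on it, so a reader meets the dependency before the tool it serves. Consider moving the ret-sync bullet above the Python and yara-python entries. The hunk also adds two blank lines before `### malicious Windows API` where the file already had one. That accounts for two of the four insertions reported in the diffstat, and dropping the extra blank lines keeps the spacing consistent with the other headings. The description is also much longer than the neighbouring bullets. A shorter form such as "synchronizes a debugger session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja" would match the list style.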
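Review bot: In the second hunk (README.md @@ -190,6 +193,7 @@), the added x64dbg tip treats "entrypoint of program" and "main function" as the same place and describes F9 as a jump. F9 is Run, which continues execution until the next breakpoint. It stops at the entry point only when the entry breakpoint is enabled, and the PE entry point is normally runtime startup code rather than `main`. For a malware-analysis note this matters because pressing F9 executes the sample. Suggest rewording along the lines of "in x64dbg press [F9] to run to the next breakpoint (the entry point when the entry breakpoint is enabled), then use [F7] to step into and [F8] to step over". That wording also brackets all three keys, matching the `[tab]` and `[x]` notation on the IDA line just above, where the added line currently writes `F7,F8` without brackets.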