diff --git a/Account Takeover/README.md b/Account Takeover/README.md index b580304..31ee6c9 100644 --- a/Account Takeover/README.md +++ b/Account Takeover/README.md @@ -122,9 +122,14 @@ See: [CVE-2020-7245](https://nvd.nist.gov/vuln/detail/CVE-2020-7245) ### Account takeover due to unicode normalization issue +When processing user input involving unicode for case mapping or normalisation, unexcepted behavior can occur. + - Victim account: `demo@gmail.com` - Attacker account: `demⓞ@gmail.com` +[Unisub - is a tool that can suggest potential unicode characters that may be converted to a given character](https://github.com/tomnomnom/hacks/tree/master/unisub). + +[Unicode pentester cheatsheet](https://gosecure.github.io/unicode-pentester-cheatsheet/) can be used to find list of suitable unicode characters based on platform. ## Account Takeover Via Cross Site Scripting
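Review bot: The added intro sentence has a typo and a spelling inconsistency: `unexcepted behavior` should read `unexpected behavior`, and `normalisation` should match the `normalization` spelling already used in the section heading (`### Account takeover due to unicode normalization issue`). The link text `[Unisub - is a tool that can suggest potential unicode characters that may be converted to a given character]` also reads awkwardly as a link label; consider `[Unisub](https://github.com/tomnomnom/hacks/tree/master/unisub) is a tool that suggests unicode characters that may be converted to a given character`, so the link wraps only the tool name, consistent with how the cheatsheet line below it is written. Finally, `find list of suitable unicode characters` is missing an article (`find a list of ...`).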