diff --git a/Account Takeover/README.md b/Account Takeover/README.md index b580304..a238a8e 100644 --- a/Account Takeover/README.md +++ b/Account Takeover/README.md @@ -122,9 +122,13 @@ See: [CVE-2020-7245](https://nvd.nist.gov/vuln/detail/CVE-2020-7245) ### Account takeover due to unicode normalization issue +When processing user input involving unicode for case mapping or normalisation, unexcepted behavior can occur. + - Victim account: `demo@gmail.com` - Attacker account: `demⓞ@gmail.com` +- [Unisub - is a tool that can suggest potential unicode characters that may be converted to a given character!](https://github.com/tomnomnom/hacks/tree/master/unisub) +- [Unicode pentester cheatsheet!](https://gosecure.github.io/unicode-pentester-cheatsheet/) can be used to find list of suitable unicode characters based on platform ## Account Takeover Via Cross Site Scripting
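Review bot: the new intro sentence in this hunk has a typo and a spelling mismatch with its own heading: "unexcepted behavior" should be "unexpected behavior", and "normalisation" should match the heading's "normalization". The sentence also does not say what the collision actually is; the two bullets that follow only list `demo@gmail.com` and `demⓞ@gmail.com` without stating that the lookalike `ⓞ` is mapped to `o` when the application normalizes or case-maps the address, so the attacker's registration ends up colliding with the victim's account. Suggest rewriting along the lines of "When user input containing unicode is case-mapped or normalized, unexpected behavior can occur: the attacker registers a lookalike address that the application later collapses to the victim's." Separately, the two tool links are appended to the same `-` list as the victim/attacker pair, so they render as part of the example rather than as references; put them under a short "Tools" or "See also" line as the rest of the README does for its CVE references, and drop the trailing `!` inside the link text of `[Unisub - ... character!]` and `[Unicode pentester cheatsheet!]`, which reads as punctuation inside the anchor.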