path: root/README.md
Diffstat (limited to 'README.md')
-rw-r--r-- README.md 20
1 files changed, 20 insertions, 0 deletions
diff --git a/README.md b/README.md
index 4fa1064..511b7ec 100644
--- a/README.md
+++ b/README.md
@@ -80,6 +80,14 @@ Displays symbolic information from Windows lib files.
Returns the path from which Windows will load a Dll for the given executable.
+## Capstone
+
+**A PowerShell binding for the Capstone Engine disassembly framework.**
+
+#### `Get-CSDisassembly`
+
+Disassembles a byte array using the Capstone Engine disassembly framework.
+
## ReverseEngineering
**Tools to aid in reverse engineering.**
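Review bot: The `Get-CSDisassembly` entry only restates the section tagline ("using the Capstone Engine disassembly framework") and gives the reader nothing about what the cmdlet accepts beyond "a byte array" or what it returns. Suggest shortening the entry to the part that is new and adding one clause on the supported architectures or modes and on the form of the output, plus a note on whether the Capstone library ships with the module or must be installed separately.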
@@ -132,6 +140,10 @@ Displays the process modules that have been loaded since the call to Register-Pr
Stops the running process module trace
+#### `Get-Entropy`
+
+Calculates the entropy of a file or byte array.
+
## AntivirusBypass
**AV doesn't stand a chance against PowerShell!**
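Review bot: The `Get-Entropy` description does not say which entropy measure is computed or in what range the result falls, so a reader cannot interpret the number it returns. Suggest naming the measure and its units in the one-line description, and stating whether "a file or byte array" refers to two parameter sets or a single pipeline input.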
@@ -144,6 +156,14 @@ Locates single Byte AV signatures utilizing the same method as DSplit from "clas
**All your data belong to me!**
+#### `Invoke-TokenManipulation`
+
+Lists available logon tokens. Creates processes with other users logon tokens, and impersonates logon tokens in the current thread.
+
+#### `Inject-LogonCredentials`
+
+Create logons with clear-text credentials without triggering a suspicious Event ID 4648 (Explicit Credential Logon).
+
#### `Invoke-NinjaCopy`
Copies a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.
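Review bot: Two wording problems in the added entries: "other users logon tokens" under `Invoke-TokenManipulation` is missing the possessive apostrophe ("other users' logon tokens"), and the `Inject-LogonCredentials` description opens with the imperative "Create logons" while every other entry in the visible context uses the third person ("Lists", "Copies", "Calculates"). Suggest "Creates logons with clear-text credentials ..." for consistency. The first description also has a comma splice before "and impersonates"; dropping the comma or making it a three-item list would read better.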