diff --git a/README.md b/README.md index f8b9ba2..bc00e43 100644 --- a/README.md +++ b/README.md @@ -61,6 +61,7 @@ - [CVE-2022-20866:思科自适应安全设备软件和 Firepower 威胁防御软件 RSA 私钥泄漏检查](https://github.com/CiscoPSIRT/CVE-2022-20866) - [WLAN-AP-WEA453e RCE:三星路由器远程命令执行漏洞](./WLAN-AP-WEA453e%20RCE三星路由器远程命令执行漏洞.md) - [Buffer overflow in Xiongmai DVRs](https://blog.ret2.me/post/2022-01-26-exploiting-xiongmai-dvrs/)|[备份](https://web.archive.org/web/20221129205148/https://blog.ret2.me/post/2022-01-26-exploiting-xiongmai-dvrs/) +- [CVE-2023-27350: PaperCut NG身份验证绕过导致的RCE](https://github.com/horizon3ai/CVE-2023-27350) ## Web APP @@ -300,6 +301,8 @@ - [CVE-2022-39952:FortiNAC keyUpload zipslip 远程代码执行漏洞](https://github.com/horizon3ai/CVE-2022-39952) - [CVE-2022-21587:Oracle E-Business Suite 未授权RCE](https://github.com/hieuminhnv/CVE-2022-21587-POC)|[Oracle E-BS CVE-2022-21587 Exploit Plugin for woodpecker-framwork](https://github.com/Zh1z3ven/Oracle-E-BS-CVE-2022-21587-Exploit) - [Alibab-Nacos-Unauthorized-Login: Alibab Nacos <= 2.2.0 未授权访问「默认key生成jwt token」](https://github.com/Al1ex/Alibab-Nacos-Unauthorized-Login)|[Nacos-Authentication-Bypass-Poc ](https://github.com/atk7r/Nacos-Authentication-Bypass-Poc)|[nacos_vul: Nacos身份验证绕过批量检测(QVD-2023-6271)+ 直接添加用户](https://github.com/Pizz33/nacos_vul) +- [CVE-2023-27524: Apache Superset中不安全的默认配置](https://github.com/horizon3ai/CVE-2023-27524) +- [CVE-2023-1671: Sophos Web Appliance 远程命令执行漏洞](https://github.com/W01fh4cker/CVE-2023-1671-POC) ## 提权辅助相关 
@@ -1495,7 +1498,7 @@ - [addMemShellsJSP:通过jsp注入valve内存马,可以忽略框架影响,通用tomcat789](https://github.com/Ghost2097221/addMemShellsJSP) - [GarBageTools-public:支持致远、蓝凌、万户、帆软报表、fastjson、el表达式shell等功能的漏洞利用工具](https://github.com/Ghost2097221/GarBageTools-public) - [NoNetCmdEcho-FileW.e:应对渗透中极限环境下命令回显 & 文件落地](https://github.com/Dr-S1x17/NoNetCmdEcho-FileW.e) -- [DnslogCmdEcho:命令执行不回显但DNS协议出网的命令回显场景解决方案](https://github.com/sv3nbeast/DnslogCmdEcho) +- [DnslogCmdEcho:命令执行不回显但DNS协议出网的命令回显场景解决方案](https://github.com/sv3nbeast/DnslogCmdEcho)|[HexDnsEchoT: DnslogCmdEcho修改版](https://github.com/A0WaQ4/HexDnsEchoT) - [Goal:Goal Go Red-Team 工具类](https://github.com/code-scan/Goal) - [Frp:魔改版 FRP 更加适合红对作战使用](https://github.com/DongHuangT1/Frp) - [Shellcode-Loader:动态加载 shellcode](https://github.com/ReversingID/Shellcode-Loader) @@ -1767,6 +1770,13 @@ - [go-public: 基于 Go 的端口转发工具](https://github.com/songquanpeng/go-public) - [ByPassUACTools: Windows 平台下的UAC(User Account Contro) 绕过工具](https://github.com/Adminisme/ByPassUACTools) - [JsonExp: fastjson漏洞批量检测工具](https://github.com/smallfox233/JsonExp) +- [Mimikatz: 用c#实现了个远程拉取Mimikatz.ps1](https://github.com/Avienma/Mimikatz) +- [RedisEXP: Redis 漏洞利用工具](https://github.com/yuyan-sec/RedisEXP) +- [JundeadShell: Java内存马注入工具](https://github.com/0x00007c00/JundeadShell) +- [WeaverScan: 泛微oa漏洞利用工具](https://github.com/TD0U/WeaverScan) +- [frpCracker: 一款golang编写的,批量检测frp server未授权访问、弱token的工具](https://github.com/SleepingBag945/frpCracker) +- [exec2shell: 将PE、ELF或Mach-O可执行文件的TEXT部分提取为shellcode](https://github.com/Binject/exec2shell) +- [unauthorized_com: 未授权检测的命令行版,支持批量检测](https://github.com/xk11z/unauthorized_com) ## 文章/书籍/教程相关
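Review bot: In the `@@ -61,6 +61,7 @@` hunk, the added `CVE-2023-27350` entry sits directly above the `## Web APP` heading, in a list whose visible neighbours are all device issues (a Cisco ASA/Firepower key-leak check, a Samsung router, Xiongmai DVRs). Please confirm this is the intended section for a PaperCut NG entry and not the Web APP list that starts on the next line. The entry also uses an ASCII colon plus a space after the identifier, where the first two entries above it use the full-width form (`CVE-2022-20866:`, `WLAN-AP-WEA453e RCE:`); matching that would keep the list consistent.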
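Review bot: In the `@@ -300,6 +301,8 @@` hunk, the description on the added `CVE-2023-27524` line ("Apache Superset中不安全的默认配置") does not say which default is insecure or what it leads to. The Nacos entry just above names the mechanism (「默认key生成jwt token」), and the FortiNAC and Oracle entries name the impact. Please name the affected setting and the consequence in the same way, so a reader triaging their own Superset deployment can tell from the list whether it applies to them. Both added lines also use `: ` where the two CVE entries above use the full-width `:`.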
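Review bot: In the `@@ -1495,7 +1498,7 @@` hunk, the link text appended to the `DnslogCmdEcho` line, `HexDnsEchoT: DnslogCmdEcho修改版`, only says it is a modified version and not what was modified. Add a short clause describing the difference from the original (the name hints at hex encoding, but the description never states it), otherwise the two links are indistinguishable to a reader. While this block is being touched, the unchanged `Frp` context line reads "红对作战", which looks like a typo for "红队作战" and could be fixed in the same change.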
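Review bot: In the `@@ -1767,6 +1770,13 @@` hunk, the first added entry is titled just `Mimikatz`, the same name as the original tool, while its description says it is a C# program that remotely pulls `Mimikatz.ps1`. Please retitle it so it cannot be mistaken for the upstream project (for example by including the repository owner shown in the URL), and state plainly that it fetches the script over the network at run time, since that matters to anyone reviewing what the binary does before running it. The phrasing "用c#实现了个" is also informal next to the other descriptions, and `c#` should be `C#`. On the last added line, `unauthorized_com: 未授权检测的命令行版` does not say what it is the command-line version of; name the tool it derives from or which services it checks.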