diff --git a/README.md b/README.md
index a3e89a5..61b153c 100644
--- a/README.md
+++ b/README.md
@@ -1640,8 +1640,10 @@
 - [my-re0-k8s-security：整理过去的分享，从零开始的Kubernetes攻防](https://github.com/neargle/my-re0-k8s-security)
 - [PHPAuditGuideBook：PHP代码审计入门指南](https://github.com/burpheart/PHPAuditGuideBook)
 - [awesome-java-security：Java安全☞代码审计/漏洞分析/武器化](https://github.com/pen4uin/awesome-java-security)
-- [迅睿CMSv4.3.3到v4.5.1后台任意代码注入漏洞(文件写入加文件包含)](./books/迅睿CMSv4.3.3到v4.5.1后台任意代码注入漏洞(文件写入加文件包含).pdf)
-- [域渗透之外网打点到三层内网](./books/域渗透之外网打点到三层内网.pdf)
+- [迅睿CMSv4.3.3到v4.5.1后台任意代码注入漏洞(文件写入加文件包含)](./books/迅睿CMSv4.3.3到v4.5.1后台任意代码注入漏洞(文件写入加文件包含).pdf)|[原文](https://xz.aliyun.com/t/11425)
+- [域渗透之外网打点到三层内网](./books/域渗透之外网打点到三层内网.pdf)|[原文](https://xz.aliyun.com/t/11432)
+- [Django SQL注入历史漏洞分析](./books/Django%20SQL注入历史漏洞分析.pdf)|[原文](https://xz.aliyun.com/t/11422)
+- [从SQL注入绕过最新安全狗WAF中学习fuzz](./books/从SQL注入绕过最新安全狗WAF中学习fuzz.pdf)|[原文](https://xz.aliyun.com/t/11412)
 
 ## <span id="head9"> 说明</span>
 
diff --git a/books/Django SQL注入历史漏洞分析.pdf b/books/Django SQL注入历史漏洞分析.pdf
new file mode 100644
index 0000000..df8b88f
Binary files /dev/null and b/books/Django SQL注入历史漏洞分析.pdf differ
diff --git a/books/从SQL注入绕过最新安全狗WAF中学习fuzz.pdf b/books/从SQL注入绕过最新安全狗WAF中学习fuzz.pdf
new file mode 100644
index 0000000..2835a2f
Binary files /dev/null and b/books/从SQL注入绕过最新安全狗WAF中学习fuzz.pdf differ