diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md index 71cba059..a7c3d4c4 100644 --- a/Methodology and Resources/Active Directory Attack.md +++ b/Methodology and Resources/Active Directory Attack.md @@ -458,6 +458,14 @@ Replace the customqueries.json file located at `/home/username/.config/bloodhoun Get-AppLockerPolicy -Effective | select -ExpandProperty RuleCollections ``` +### Other Interesting Commands + +- **Find Domain Controller** + ```ps1 + nslookup domain.com + nslookup -type=srv _ldap._tcp.dc._msdcs..com + ``` + ## Most common paths to AD compromise ### MS14-068 (Microsoft Kerberos Checksum Validation Vulnerability) diff --git a/Upload Insecure Files/README.md b/Upload Insecure Files/README.md index 8a17f570..a6b11a9a 100644 --- a/Upload Insecure Files/README.md +++ b/Upload Insecure Files/README.md @@ -95,6 +95,15 @@ Valid pictures hosting PHP code. Upload the picture and use a local file inclusi - Picture Metadata, hide the payload inside a comment tag in the metadata. - Picture Resize, hide the payload within the compression algorithm in order to bypass a resize. Also defeating `getimagesize()` and `imagecreatefromgif()`. +### Picture with custom metadata + +Create a custom picture and insert exif tag with `exiftool`. A list of multiple exif tags can be found at [exiv2.org](https://exiv2.org/tags.html) + +```ps1 +convert -size 110x110 xc:white payload.jpg +exiftool -Copyright="PayloadsAllTheThings" -Artist="Pentest" -ImageUniqueID="Example" payload.jpg +``` + ### Configuration Files If you are trying to upload files to a :
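Review bot: The second `nslookup` line in the "Other Interesting Commands" hunk has a dropped domain, `_ldap._tcp.dc._msdcs..com` (note the double dot), which does not match the `domain.com` placeholder used on the line just above it; write it as `nslookup -type=srv _ldap._tcp.dc._msdcs.domain.com` so both lines use the same placeholder. The fence is also tagged `ps1` although `nslookup` is not PowerShell-specific; a `bash`/`sh` or untagged fence would be consistent with the rest of the file's command snippets.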
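Review bot: The "Picture with custom metadata" hunk tags the fence as `ps1`, but `convert` (ImageMagick) and `exiftool` are ordinary command-line tools run from a shell, so `bash` is the accurate tag. The sentence "Create a custom picture and insert exif tag with `exiftool`." also reads better as "insert EXIF tags with `exiftool`" and the following sentence is missing its terminating period. Since the existing "Picture Metadata" bullet just above already covers the idea, consider a one-line cross-reference there so readers find the worked commands, and a short note that servers which re-encode or strip metadata on upload discard these tags, which is the check a reader should expect to run into.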