diff --git a/.gitbook/assets/image (254).png b/.gitbook/assets/image (254).png new file mode 100644 index 000000000..bd9157367 Binary files /dev/null and b/.gitbook/assets/image (254).png differ diff --git a/.gitbook/assets/image (343).png b/.gitbook/assets/image (343).png new file mode 100644 index 000000000..94eb55348 Binary files /dev/null and b/.gitbook/assets/image (343).png differ diff --git a/.gitbook/assets/image (401).png b/.gitbook/assets/image (401).png new file mode 100644 index 000000000..892cce1c3 Binary files /dev/null and b/.gitbook/assets/image (401).png differ diff --git a/.gitbook/assets/image (402).png b/.gitbook/assets/image (402).png new file mode 100644 index 000000000..6587056c9 Binary files /dev/null and b/.gitbook/assets/image (402).png differ diff --git a/.gitbook/assets/image (403).png b/.gitbook/assets/image (403).png new file mode 100644 index 000000000..11b89f62f Binary files /dev/null and b/.gitbook/assets/image (403).png differ diff --git a/.gitbook/assets/image (404).png b/.gitbook/assets/image (404).png new file mode 100644 index 000000000..845577d83 Binary files /dev/null and b/.gitbook/assets/image (404).png differ diff --git a/reversing/reversing-tools/README.md b/reversing/reversing-tools/README.md index a792f1f15..55a21c582 100644 --- a/reversing/reversing-tools/README.md +++ b/reversing/reversing-tools/README.md 
@@ -126,14 +126,39 @@ Then, looking to this ca see when the execution was stopped in the dll you want ### Debugging a shellcode with blobrunner -[Blobrunner](https://github.com/OALabs/BlobRunner) will **allocate** the **shellcode** inside a space of memory, will **indicate** you the **memory address** were the shellcode was allocated and will **stop** the execution. +[**Blobrunner**](https://github.com/OALabs/BlobRunner) will **allocate** the **shellcode** inside a space of memory, will **indicate** you the **memory address** were the shellcode was allocated and will **stop** the execution. Then, you need to **attach a debugger** \(Ida or x64dbg\) to the process and put a **breakpoint the indicated memory address** and **resume** the execution. This way you will be debugging the shellcode. +The releases github page contains zips containing the compiled releases: [https://github.com/OALabs/BlobRunner/releases/tag/v0.0.5](https://github.com/OALabs/BlobRunner/releases/tag/v0.0.5) You can find a slightly modified version of Blobrunner in the following link. In order to compile it just **create a C/C++ project in Visual Studio Code, copy and paste the code and build it**. {% page-ref page="blobrunner.md" %} +### Debugging a shellcode with jmp2it +\*\*\*\*[**jmp2it** ](https://github.com/adamkramer/jmp2it/releases/tag/v1.4)is very similar to blobrunner. It will **allocate** the **shellcode** inside a space of memory, and start an **eternal loop**. You then need to **attach the debugger** to the process, **play start wait 2-5 secs and press stop** and you will find yourself inside the **eternal loop**. Jump to the next instruction of the eternal loop as it will be a call to the shellcode, and finally you will find yourself executing the shellcode. + +![](../../.gitbook/assets/image%20%28403%29.png) + +You can download a compiled version of [jmp2it inside the releases page](https://github.com/adamkramer/jmp2it/releases/). 
+ +### Debugging shellcode using Cutter + +\*\*\*\*[**Cutter**](https://github.com/rizinorg/cutter/releases/tag/v1.12.0) is the GUI of radare. Using cutter you can emulate the shellcode and inspect it dynamically. + +Note that Cutter allows you to "Open File" and "Open Shellcode". In my case when I opened the shellcode as a file it decompiled it correctly, but when I opened it as a shellcode it didn't: + +![](../../.gitbook/assets/image%20%28254%29.png) + +In order to start the emulation in the place you want to, set a bp there and apparently cutter will automatically start the emulation from there: + +![](../../.gitbook/assets/image%20%28402%29.png) + +![](../../.gitbook/assets/image%20%28343%29.png) + +You can see the stack for example inside a hex dump: + +![](../../.gitbook/assets/image%20%28404%29.png) ### Deobfuscating shellcode and getting executed functions 
@@ -142,13 +167,22 @@ It will tell you things like **which functions** is the shellcode using and if t ```bash scdbg.exe -f shellcode # Get info -scdbg.exe -f shellcode -r #Run it -scdbg.exe -f shellcode -r #Run it with hooks +scdbg.exe -f shellcode -r #show analysis report at end of run +scdbg.exe -f shellcode -i -r #enable interactive hooks (file and network) and show analysis report at end of run scdbg.exe -f shellcode -d #Dump decoded shellcode scdbg.exe -f shellcode /findsc #Find offset where starts +scdbg.exe -f shellcode /foff 0x0000004D #Start the executing in that offset ``` -To **run a shellcode** you can also use: [http://mcdermottcybersecurity.com/articles/windows-x64-shellcode\#testing](http://mcdermottcybersecurity.com/articles/windows-x64-shellcode#testing) +scDbg also counts with a graphical launcher where you can select the options you want and execute the shellcode + +![](../../.gitbook/assets/image%20%28401%29.png) + +The **Create Dump** option will dump the final shellcode if any change is done to the shellcode dynamically in memory \(useful to download the decoded shellcode\). The **start offset** can be useful to start the shellcode at a specific offset. The **Debug Shell** option is useful to debug the shellcode using the scDbg terminal \(however I find any of the options explained before better for this matter as you will be able to use Ida or x64dbg\). + +### Disassembling using CyberChef + +Upload you shellcode file as input and use the following receipt to decompile it: [https://gchq.github.io/CyberChef/\#recipe=To\_Hex\('Space',0\)Disassemble\_x86\('32','Full%20x86%20architecture',16,0,true,true\)](https://gchq.github.io/CyberChef/#recipe=To_Hex%28'Space',0%29Disassemble_x86%28'32','Full%20x86%20architecture',16,0,true,true%29) ## [Movfuscator](https://github.com/xoreaxeaxeax/movfuscator)
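Review bot: In the first hunk of reversing/reversing-tools/README.md, the escaped `\*\*\*\*` prefixes on the new jmp2it and Cutter lines will render as four literal asterisks in GitBook; they look like leftover bold toggles and should be removed so each line begins with the bold link. The same hunk carries a few wording fixes worth making while the section is being touched: the Blobrunner sentence still reads "the memory address were the shellcode was allocated" (where) and "put a breakpoint the indicated memory address" (at the indicated memory address); the jmp2it step "play start wait 2-5 secs and press stop" would be clearer as "press run, wait 2-5 seconds, then pause"; in the Cutter section spell out "set a bp" as "set a breakpoint", and say whether "decompiled it correctly" means the decompiler output or the disassembly, since Cutter offers both. One factual nit: the Cutter link points to the rizinorg repository; "the GUI of radare" is accurate for the linked v1.12.0 release, but releases from 2.0 onward are built on rizin, so a short note would keep the sentence from going stale.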
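Review bot: In the second hunk, the comment on the new `scdbg.exe -f shellcode /foff 0x0000004D` line, "#Start the executing in that offset", should read "#Start executing at that offset", and it is worth saying that the offset is the one `/findsc` reported, since 0x4D only makes sense for one particular sample. The prose added below the fence has several typos: "scDbg also counts with a graphical launcher" (has), "Upload you shellcode file" (your), "use the following receipt" (recipe), and "decompile it" should be "disassemble it", because the linked CyberChef recipe is Disassemble_x86. The hunk also deletes the mcdermottcybersecurity.com link for running shellcode without a replacement; if that removal is intentional, fine, otherwise keep it as an alternative. Minor style point: the block now mixes `-f`/`-r`/`-i`/`-d` with `/findsc`/`/foff`; scdbg accepts either prefix, so picking one throughout reads better.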