diff --git a/README.md b/README.md
index 166e148..f699336 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
 
 > 本工具用于解决 Fastjson、log4j2、原生JNDI注入等场景中针对高版本JDK无法加载远程恶意类，通过LDAP服务器返回原生Java反序列化数据，受害者（客户端）在具备反序列化Gadget依赖的情况下可达到命令执行、代码执行、回显命令执行、无文件落地内存马注册等。
 > 
-> Solve the high version of JDK Bypass, like FastJson, Jackson, Log4j2, native JNDI injection vulnerabilities, and detect locally available deserialization gadgets to achieve command execution, echo command execution, and memory shell injection
+> Solve the high version of JDK Bypass, like FastJson, Jackson, Log4j2, native JNDI injection vulnerabilities, and detect locally available deserialization gadgets to achieve command execution, echo command execution, and memory shell injection.
 
 ## Usage
 
@@ -123,4 +123,6 @@ java -jar JNDI-Inject-Exploit-0.1-all.jar ip="192.168.0.104" url="http://192.168
 
 [wyzxxz/shiro_rce_tool: shiro 反序列 命令执行辅助检测工具](https://github.com/wyzxxz/shiro_rce_tool)
 
-[feihong-cs/Java-Rce-Echo: Java RCE 回显测试代码](https://github.com/feihong-cs/Java-Rce-Echo)
\ No newline at end of file
+[feihong-cs/Java-Rce-Echo: Java RCE 回显测试代码](https://github.com/feihong-cs/Java-Rce-Echo)
+
+[j1anFen/shiro_attack: shiro反序列化漏洞综合利用,包含（回显执行命令/注入内存马）](https://github.com/j1anFen/shiro_attack)