From c76a00b6e92faf4f58e903fd13b06306422f05ec Mon Sep 17 00:00:00 2001
From: Somdev Sangwan <s0md3v@gmail.com>
Date: Sun, 30 Dec 2018 03:53:30 +0530
Subject: [PATCH] added demo, features, credits

---
 README.md | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/README.md b/README.md
index 381487b..1f5e06b 100644
--- a/README.md
+++ b/README.md
@@ -20,8 +20,31 @@
   </a>
 </p>
 
+![demo](https://i.ibb.co/mTtHTGP/Screenshot-2018-12-30-03-42-26.png)
+
 ### Important
 Bolt is in alpha phase of development which means it's full of bugs. Any production use of this tool discouraged.
+Pull requests and issues are welcome. I also suggest you to put this repo on watch if you are interested in it.
+
+### Current Features
+- Crawling
+- Complete HTTP Support
+- Checks
+  - Entropy
+  - Replay attack
+  - Absence of CSRF protection when requested from a mobile
+  - Removing CSRF token parameter from request
+  - Removing CSRF token from parameter
+  - Requesting resources with a fake token
+  - Potenial race condition
+
+### Features to be added
+- Support CSRF tokens in cookies
+- Referrer and Origin based checks
+- Checks
+  - True entropy of tokens
+  - Checking if server checks the token to a specific length
+ and more...
 
 ### Usage
 
@@ -37,3 +60,6 @@ Other options and switches:
 - `--delay` delay between requests
 - `--timeout` http request timeout
 - `--headers` supply http headers
+
+#### Credits
+Regular Expressions for detecting hashes are taken from [hashID](https://github.com/psypanda/hashID).