From 75f0315e0ecf504cd76dc3a8243da457df908764 Mon Sep 17 00:00:00 2001 From: Peter Thaleikis Date: Mon, 23 Sep 2024 09:57:40 +0200 Subject: [PATCH] Adding https://github.com/NodyHub/zipslipper --- readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/readme.md b/readme.md index 1f98383..46b5181 100644 --- a/readme.md +++ b/readme.md @@ -61,6 +61,10 @@ Personal notes and awesome infosec stuff for a bash-focused workflow. Highly sub - [`#1914118`](https://hackerone.com/reports/1914118) - [`PR`](https://github.com/github/securitylab/issues/728), [`Video`](https://www.youtube.com/watch?v=F95U912u7OQ) `2023-03-21`. - [`CVE-2022-3607`](https://huntr.dev/bounties/2d1db3c9-93e8-4902-a55b-5ea53c22aa11) - ZipSlip Symlink variant allows to read any file within OctoPrint Box in [octoprint/octoprint](https://github.com/OctoPrint/OctoPrint) [`Fix`](https://github.com/octoprint/octoprint/commit/3cca3a43f3d085e9bbe5a5840c8255bb1b5d052e) `2022-08-24`. +#### Tools + +- [NodyHub/zipslipper](https://github.com/NodyHub/zipslipper) - Create tar/zip archives that try to exploit zipslip vulnerabilities. + ### CLI Applications - [Terminally Owned - 60 Years of Escaping](https://www.youtube.com/watch?v=Y4A7KMQEmfo) - DEF CON 31 talk by David Leadbeater `2023`.
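Review bot: the new entry under `#### Tools` ends without the backticked date tag that the neighbouring entries in this hunk carry (`2023-03-21`, `2022-08-24`, `2023`), and it writes "zipslip" where the context line just above uses "ZipSlip". Suggest appending a date in the same style and matching the capitalisation, so the line reads like the rest of the list. The description could also say what a reader uses the tool for in this list's context, for example that the generated tar/zip archives are test inputs for checking whether an extraction routine rejects path-traversal and symlink entries, since "try to exploit" leaves that unclear. Finally, the `#### Tools` heading is added directly above `### CLI Applications`; confirm that a level-4 heading is what the enclosing section uses for its other subsections, because the hunk does not show one to compare against.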