qazbnm456 · mazzma12 · May 5, 2022 · May 5, 2022
diff --git a/README-jp.md b/README-jp.md
@@ -18,104 +18,110 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 
 ## Contents
 
-- [Digests](#digests)
-- [Forums](#forums)
-- [Introduction](#intro)
-  - [XSS](#xss---cross-site-scripting)
-  - [Prototype Pollution](#prototype-pollution)
-  - [CSV Injection](#csv-injection)
-  - [SQL Injection](#sql-injection)
-  - [Command Injection](#command-injection)
-  - [ORM Injection](#orm-injection)
-  - [FTP Injection](#ftp-injection)
-  - [XXE](#xxe---xml-external-entity)
-  - [CSRF](#csrf---cross-site-request-forgery)
-  - [Clickjacking](#clickjacking)
-  - [SSRF](#ssrf---server-side-request-forgery)
-  - [Web Cache Poisoning](#web-cache-poisoning)
-  - [Relative Path Overwrite](#relative-path-overwrite)
-  - [Open Redirect](#open-redirect)
-  - [SAML](#saml)
-  - [Upload](#upload)
-  - [Rails](#rails)
-  - [AngularJS](#angularjs)
-  - [ReactJS](#reactjs)
-  - [SSL/TLS](#ssltls)
-  - [Webmail](#webmail)
-  - [NFS](#nfs)
-  - [AWS](#aws)
-  - [Azure](#azure)
-  - [Fingerprint](#fingerprint)
-  - [Sub Domain Enumeration](#sub-domain-enumeration)
-  - [Crypto](#crypto)
-  - [Web Shell](#web-shell)
-  - [OSINT](#osint)
-  - [DNS Rebinding](#dns-rebinding)
-  - [Deserialization](#deserialization)
-  - [OAuth](#oauth)
-  - [JWT](#jwt)
-- [Evasions](#evasions)
-  - [XXE](#evasions-xxe)
-  - [CSP](#evasions-csp)
-  - [WAF](#evasions-waf)
-  - [JSMVC](#evasions-jsmvc)
-  - [Authentication](#evasions-authentication)
-- [Tricks](#tricks)
-  - [CSRF](#tricks-csrf)
-  - [Clickjacking](#tricks-clickjacking)
-  - [Remote Code Execution](#tricks-rce)
-  - [XSS](#tricks-xss)
-  - [SQL Injection](#tricks-sql-injection)
-  - [NoSQL Injection](#tricks-nosql-injection)
-  - [FTP Injection](#tricks-ftp-injection)
-  - [XXE](#tricks-xxe)
-  - [SSRF](#tricks-ssrf)
-  - [Web Cache Poisoning](#tricks-web-cache-poisoning)
-  - [Header Injection](#tricks-header-injection)
-  - [URL](#tricks-url)
-  - [Deserialization](#tricks-deserialization)
-  - [OAuth](#tricks-oauth)
-  - [Others](#tricks-others)
-- [Browser Exploitation](#browser-exploitation)
-- [PoCs](#pocs)
-  - [Database](#pocs-database)
-- [Cheetsheets](#cheetsheets)
-- [Tools](#tools)
-  - [Auditing](#tools-auditing)
-  - [Command Injection](#tools-command-injection)
-  - [Reconnaissance](#tools-reconnaissance)
-    - [OSINT](#tools-osint)
-    - [Sub Domain Enumeration](#tools-sub-domain-enumeration)
-  - [Code Generating](#tools-code-generating)
-  - [Fuzzing](#tools-fuzzing)
-  - [Scanning](#tools-scanning)
-  - [Penetration Testing](#tools-penetration-testing)
-  - [Leaking](#tools-leaking)
-  - [Offensive](#tools-offensive)
-    - [XSS](#tools-xss)
-    - [SQL Injection](#tools-sql-injection)
-    - [Template Injection](#tools-template-injection)
-    - [XXE](#tools-xxe)
-    - [CSRF](#tools-csrf)
-    - [SSRF](#tools-ssrf)
-  - [Detecting](#tools-detecting)
-  - [Preventing](#tools-preventing)
-  - [Proxy](#tools-proxy)
-  - [Webshell](#tools-webshell)
-  - [Disassembler](#tools-disassembler)
-  - [Decompiler](#tools-decompiler)
-  - [DNS Rebinding](#tools-dns-rebinding)
-  - [Others](#tools-others)
-- [Social Engineering Database](#social-engineering-database)
-- [Blogs](#blogs)
-- [Twitter Users](#twitter-users)
-- [Practices](#practices)
-  - [Application](#practices-application)
-  - [AWS](#practices-aws)
-  - [XSS](#practices-xss)
-  - [ModSecurity / OWASP ModSecurity Core Rule Set](#practices-modsecurity)
-- [Community](#community)
-- [Miscellaneous](#miscellaneous)
+- [Awesome Web Security - JP ![Awesome](https://github.com/sindresorhus/awesome)](#awesome-web-security---jp-)
+  - [Contents](#contents)
+  - [Digests](#digests)
+  - [Forums](#forums)
+  - [Introduction](#introduction)
+    - [XSS - Cross-Site Scripting](#xss---cross-site-scripting)
+    - [Prototype Pollution](#prototype-pollution)
+    - [CSV Injection](#csv-injection)
+    - [SQL Injection](#sql-injection)
+    - [Command Injection](#command-injection)
+    - [ORM Injection](#orm-injection)
+    - [FTP Injection](#ftp-injection)
+    - [XXE - XML eXternal Entity](#xxe---xml-external-entity)
+    - [CSRF - Cross-Site Request Forgery](#csrf---cross-site-request-forgery)
+    - [Clickjacking](#clickjacking)
+    - [SSRF - Server-Side Request Forgery](#ssrf---server-side-request-forgery)
+    - [Web Cache Poisoning](#web-cache-poisoning)
+    - [Relative Path Overwrite](#relative-path-overwrite)
+    - [Open Redirect](#open-redirect)
+    - [Security Assertion Markup Language (SAML)](#security-assertion-markup-language-saml)
+    - [Upload](#upload)
+    - [Rails](#rails)
+    - [AngularJS](#angularjs)
+    - [ReactJS](#reactjs)
+    - [SSL/TLS](#ssltls)
+    - [Webmail](#webmail)
+    - [NFS](#nfs)
+    - [AWS](#aws)
+    - [Azure](#azure)
+    - [Fingerprint](#fingerprint)
+    - [Sub Domain Enumeration](#sub-domain-enumeration)
+    - [Crypto](#crypto)
+    - [Web Shell](#web-shell)
+    - [OSINT](#osint)
+    - [DNS Rebinding](#dns-rebinding)
+    - [Deserialization](#deserialization)
+    - [OAuth](#oauth)
+    - [JWT](#jwt)
+  - [Evasions](#evasions)
+    - [XXE](#xxe)
+    - [CSP](#csp)
+    - [WAF](#waf)
+    - [JSMVC](#jsmvc)
+    - [Authentication](#authentication)
+  - [Tricks](#tricks)
+    - [CSRF](#csrf)
+    - [Clickjacking](#clickjacking-1)
+    - [Remote Code Execution](#remote-code-execution)
+    - [XSS](#xss)
+    - [SQL Injection](#sql-injection-1)
+    - [NoSQL Injection](#nosql-injection)
+    - [FTP Injection](#ftp-injection-1)
+    - [XXE](#xxe-1)
+    - [SSRF](#ssrf)
+    - [Web Cache Poisoning](#web-cache-poisoning-1)
+    - [Header Injection](#header-injection)
+    - [URL](#url)
+    - [Deserialization](#deserialization-1)
+    - [OAuth](#oauth-1)
+    - [Others](#others)
+  - [Browser Exploitation](#browser-exploitation)
+    - [Frontend (like SOP bypass, URL spoofing, and something like that)](#frontend-like-sop-bypass-url-spoofing-and-something-like-that)
+    - [Backend (core of Browser implementation, and often refers to C or C++ part)](#backend-core-of-browser-implementation-and-often-refers-to-c-or-c-part)
+  - [PoCs](#pocs)
+    - [Database](#database)
+  - [Cheetsheets](#cheetsheets)
+  - [Tools](#tools)
+    - [Auditing](#auditing)
+    - [Command Injection](#command-injection-1)
+    - [Reconnaissance](#reconnaissance)
+      - [OSINT - Open-Source Intelligence](#osint---open-source-intelligence)
+      - [Sub Domain Enumeration](#sub-domain-enumeration-1)
+    - [Code Generating](#code-generating)
+    - [Fuzzing](#fuzzing)
+    - [Scanning](#scanning)
+    - [Penetration Testing](#penetration-testing)
+    - [Offensive](#offensive)
+      - [XSS - Cross-Site Scripting](#xss---cross-site-scripting-1)
+      - [SQL Injection](#sql-injection-2)
+      - [Template Injection](#template-injection)
+      - [XXE](#xxe-2)
+      - [Cross Site Request Forgery](#cross-site-request-forgery)
+      - [Server-Side Request Forgery](#server-side-request-forgery)
+    - [Leaking](#leaking)
+    - [Detecting](#detecting)
+    - [Preventing](#preventing)
+    - [Proxy](#proxy)
+    - [Webshell](#webshell)
+    - [Disassembler](#disassembler)
+    - [Decompiler](#decompiler)
+    - [DNS Rebinding](#dns-rebinding-1)
+    - [Others](#others-1)
+  - [Social Engineering Database](#social-engineering-database)
+  - [Blogs](#blogs)
+  - [Twitter Users](#twitter-users)
+  - [Practices](#practices)
+    - [Application](#application)
+    - [AWS](#aws-1)
+    - [XSS](#xss-1)
+    - [ModSecurity / OWASP ModSecurity Core Rule Set](#modsecurity--owasp-modsecurity-core-rule-set)
+  - [Community](#community)
+  - [Miscellaneous](#miscellaneous)
+  - [Code of Conduct](#code-of-conduct)
+  - [License](#license)
 
 ## Digests
 
@@ -741,6 +747,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
 <a name="tools-preventing"></a>
 ### Preventing
 
+- [CrowdSec](https://github.com/crowdsecurity/crowdsec) A next-gen collaborative IPS, written in Go, able to analyze visitor behavior & provide an adapted response to all kinds of attacks. Users can share their alerts about threats with the community and benefit from the network effect.
 - [DOMPurify](https://github.com/cure53/DOMPurify) - DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG by [Cure53](https://cure53.de/).
 - [js-xss](https://github.com/leizongmin/js-xss) - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist by [@leizongmin](https://github.com/leizongmin).
 - [Acra](https://github.com/cossacklabs/acra) - Client-side encryption engine for SQL databases, with strong selective encryption, SQL injections prevention and intrusion detection by [@cossacklabs](https://www.cossacklabs.com/).