diff --git a/Reverse Engineering/Android.md b/Reverse Engineering/Android.md index 1fbc8ff..0dac674 100644 --- a/Reverse Engineering/Android.md +++ b/Reverse Engineering/Android.md @@ -1,6 +1,16 @@ -# Misc +## Android Reverse Engineering -* `Dalvik` is the JVM of Android +* [HTB's Android Hacking Guide](https://www.hackthebox.com/blog/intro-to-mobile-pentesting) + +## APK Structure + +* `AndroidManifest.xml`, binary XML +* `classes.dex`, app code compilation as dex +* `resource.arsc`, precompiled resources in XML +* `res`, resource dir +* `assets` app assets +* `lib`, libraries +* `META/INF`, contains metadata file `MANIFEST.MF` and signature of the apk. ## SMALI @@ -19,7 +29,12 @@ D double [ array ``` +# Misc + +* `Dalvik` is the JVM of Android + ### Registers + * Registers are 32 bits * Type long and double use two registers 32+32=64 bits * `.registers`, total number of regs in method @@ -31,17 +46,6 @@ D double * Normal local register are name v0, v1, v2 ... * Parameter register are a second naming on top, e.g.v2 and p0 or v3 and p1 are the same registers. - -## APK Structure - -* `AndroidManifest.xml`, binary XML -* `classes.dex`, app code compilation as dex -* `resource.arsc`, precompiled resources in XML -* `res`, resource dir -* `assets` app assets -* `lib`, libraries -* `META/INF`, contains metadata file `MANIFEST.MF` and signature of the apk. - ## Tools * `jadx -d ` as a decompiler diff --git a/Reverse Engineering/Firmware.md b/Reverse Engineering/Firmware.md index 11e2d8b..b0aa18f 100644 --- a/Reverse Engineering/Firmware.md +++ b/Reverse Engineering/Firmware.md 
@@ -2,21 +2,50 @@ ## Tools +#### Extraction + * binwalk * unlzma * tar + * [fat](https://github.com/attify/firmware-analysis-toolkit.git) * Create usable environment and start firmware inside it ```sh ./fat.py ``` +* [Firmware-Mod-Kit](https://github.com/rampageX/firmware-mod-kit.git) contains `extract-firmware.sh` * [Jefferson](https://github.com/sviehb/jefferson) or AUR package `jefferson-git` -* Squashfs +* [squashfs-tools](https://github.com/plougher/squashfs-tools) +* [squashfs-tools-ng](https://github.com/AgentD/squashfs-tools-ng.git) + + +### Dynamic Analysis + +gdb (remote debugging feature) and qemu. + +### Enumeration + +* [Firmwalker](https://github.com/craigz28/firmwalker.git) +* An image may contain files like + * Usernames and Passwords + * __Keys__ and __Paraphrase__ for gpg keys. Import them + ```sh + grep -ir -E "key|paraphrase" + ``` + * URLS + * Email Addresses -## Usage * Check image via `strings` * Check CRC via `cksum -a crc ` + +### Binwalk + +Use the following for file entropy check. If the image is encrypted it will be stated as "rising entropy edge". +```sh +binwalk -E -N +``` + * Use `binwalk` to extract. There are to methods * `-e` extract by offset * `--dd=".*"` by file extension
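Review bot: (Android.md, hunk `@@ -1,6 +1,16 @@`) two of the moved APK entries carry wrong filenames and should be corrected while the lines are being relocated: the resource table is `resources.arsc`, not `resource.arsc`, and the signature directory is `META-INF`, not `META/INF`. `META-INF` holds `MANIFEST.MF` together with `CERT.SF` and `CERT.RSA` (or `.DSA`/`.EC`) for the v1 JAR signature; v2 and v3 APK signatures live in the APK Signing Block outside the zip entries, so "signature of the apk" is only true for v1-signed packages, which is worth stating since it decides whether repacking a modified APK breaks the signature check.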
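Review bot: (Android.md, hunk `@@ -19,7 +29,12 @@`) `# Misc` is inserted at level 1 in the middle of the SMALI section, so `### Registers` and everything after it now nest under `Misc` instead of `## SMALI`, and the file ends up with a `#` heading below its new `## Android Reverse Engineering` title. Either use `## Misc` and place it after the Registers block, or drop the heading and keep the bullet in the intro. The bullet itself is inaccurate: Dalvik is not a JVM, it is a register-based VM that executes `.dex` bytecode (which is why the register notes below apply), and it was replaced by ART from Android 5.0; suggest "`Dalvik`/ART execute the app's `.dex` bytecode; ART replaced Dalvik in Android 5.0".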
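Review bot: (Firmware.md, hunk `@@ -2,21 +2,50 @@`) "Paraphrase" in the Enumeration list and `paraphrase` in the grep pattern should be `passphrase`; as written the command never matches the GPG passphrase material it is meant to find, so change it to `grep -riE "key|passphrase" .` (the `-E` is only needed for the alternation, and an explicit path avoids depending on GNU grep's working-directory default). The Binwalk entropy note overstates what the output means: a "Rising entropy edge" followed by flat high entropy across the whole image indicates compressed or encrypted data, and LZMA/gzip-packed firmware produces the same curve, so pair it with the signature scan and treat an image as encrypted only when the entropy is high and plain `binwalk` reports no known signatures. Also `--dd=".*"` is not extraction "by file extension": `--dd` takes a `type:ext:cmd` rule whose `type` is a regex matched against the signature description, so `".*"` extracts every signature match; and `#### Extraction` skips a level under `## Tools` while its siblings `Dynamic Analysis`, `Enumeration` and `Binwalk` are `###`.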