diff --git a/Enumeration/References.md b/Enumeration/References.md
index 3d4ba67..030e2a3 100644
--- a/Enumeration/References.md
+++ b/Enumeration/References.md
@@ -28,7 +28,8 @@
 
 ### CMS
 
-[Typo3Scan](https://github.com/whoot/Typo3Scan.git)
+* [CMSmap](https://github.com/Dionach/CMSmap) enumeration of the most popular CMSs
+* [Typo3Scan](https://github.com/whoot/Typo3Scan.git)
 
 ## Domain Enumeration
 
@@ -37,6 +38,10 @@
 [gobuster](https://github.com/OJ/gobuster.git)
 [RustScan](https://github.com/RustScan/RustScan.git)
 
+## Parameteter Enumeration
+
+* [Arjun](https://github.com/s0md3v/Arjun.git)
+
 ## SMB Enumeration
 
 [ShawnDEvans' smbmap](https://github.com/ShawnDEvans/smbmap.git)
diff --git a/Exploits/References.md b/Exploits/References.md
index 9b70566..77d2b52 100644
--- a/Exploits/References.md
+++ b/Exploits/References.md
@@ -60,3 +60,9 @@
 
 [PowerSploit](https://github.com/PowerShellMafia/PowerSploit.git)
 [nishang](https://github.com/samratashok/nishang.git)
+
+# Exploits
+
+## Web
+
+* [Grafana LFI <= 8.2.0](https://github.com/pedrohavay/exploit-grafana-CVE-2021-43798.git)
diff --git a/Exploits/Web/Bypass HTTP Filters.md b/Exploits/Web/Bypass HTTP Filters.md
new file mode 100644
index 0000000..a1f7997
--- /dev/null
+++ b/Exploits/Web/Bypass HTTP Filters.md	
@@ -0,0 +1,5 @@
+# Bypass HTTP Filters
+
+## Double Encode URL Parameters
+
+Double encoding URL parameters via URL encoding sometimes bypasses the WAF