From 715688c78c7974b3e10ed01a8e0fed23b519e118 Mon Sep 17 00:00:00 2001
From: Alexandre Dulaunoy <a@foo.be>
Date: Thu, 5 Jan 2017 20:50:08 +0100
Subject: [PATCH] exploit-kit and TDS added

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index fa11ee3..8036b78 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,9 @@ to localized information (which is not shared) or additional information (that c
 
 # Available clusters
 
+- [clusters/exploit-kit.json](clusters/exploit-kit.json) - Exploit-Kit is an enumeration of some exploitation kits used by adversaries. The list includes document, browser and router exploit kits. It's not meant to be totally exhaustive but aim at covering the most seen in the past 5 years
 - [clusters/microsoft-activity-group.json](clusters/microsoft-activity-group.json) - Activity groups as described by Microsoft
+- [clusters/tds.json](clusters/tds.json) - TDS is a list of Traffic Direction System used by adversaries.
 - [clusters/threat-actor.json](clusters/threat-actor.json) - Adversary groups - Known or estimated adversary groups targeting organizations and employees. Adversary groups are regularly confused with their initial operation or campaign. MISP
 - [clusters/tool.json](clusters/tool.json) - tool is an enumeration of tools used by adversaries. The list includes malware but also common software regularly used by the adversaries. MISP