diff --git a/README.md b/README.md
index 41f0b73..2a83df0 100644
--- a/README.md
+++ b/README.md
@@ -8,16 +8,17 @@
 #### Nmap
 
 
-
-
-```powershell
+##### Powershell
+```
 nmap -sn -n --disable-arp-ping IP | grep -v "host down"
 ```
 -sn : Disable port scanning. Host discovery only.
 -n : Never do DNS resolution
 
 
-```bash
+##### Bash
+> Basic Scan
+```
 sudo nmap -sSV -p- IP -oA nmap/initial -T4
 sudo nmap -sSV -oA OUTPUTFILE -T4 -iL INPUTFILE.csv
 ```
@@ -27,7 +28,7 @@ sudo nmap -sSV -oA OUTPUTFILE -T4 -iL INPUTFILE.csv
 • -iL INPUTFILE tells Nmap to use the provided file as inputs
 
 > This configuration is enough to do a basic check for a CTF VM
-```bash
+```
 nmap -sV -sC -oA nmap/initial IP
 ```
 -sV : Probe open ports to determine service/version info
@@ -38,8 +39,8 @@ After this quick command you can add "-p-" to run a full scan while you work wit
 
 
 
-> Aggressive NMAP
-```bash
+> Aggressive Nmap
+```
 nmap -A -T4 scanme.nmap.org
 • -A: Enable OS detection, version detection, script scanning, and traceroute
 • -T4: Defines the timing for the task (options are 0-5 and higher is faster)
@@ -51,5 +52,15 @@ nmap -A -T4 scanme.nmap.org
 masscan IP -p 1-65535 --rate 100 -oX masscan.xml
 ```
 
-### 
+### enumeration
+
+#### GoBuster
+
+> Dir Mode
+```
+gobuster dir -u URL -w /secondary/wordlists/more-lists/dirb/
+```
+
+
+## Stage 2