diff --git a/Cheatsheet_ExploitDev.txt b/Cheatsheet_ExploitDev.txt index 95fe6d1..4e0bba1 100644 --- a/Cheatsheet_ExploitDev.txt +++ b/Cheatsheet_ExploitDev.txt @@ -39,4 +39,17 @@ for buffstring in buffer: "\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0" "\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef" "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe" -"\xff" \ No newline at end of file +"\xff" + + +[+] Structured Exception Handler (SEH) Exploitation notes + +- Crash the application +- Check SEH overwirte (view-seh chain) +- Find offset (!mona pattern_create ) +- Find certain SEH references to the cyclic pattern (!mona findmsp) +- Verify offset to NSEH (Next Exception) +- Find POP/POP/RET address with mona (!mona seh -cpb ) +- Add short jump into payload to jump ofver SEH ("\xeb\x06" + 2 bytes of padding) +- Add shellcode to the payload +- Ensure existing padding to make sure the crash still happens. \ No newline at end of file
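Review bot: the added SEH notes carry two typos that should be fixed before merging: "overwirte" in `- Check SEH overwirte (view-seh chain)` should read "overwrite", and "ofver" in `- Add short jump into payload to jump ofver SEH ("\xeb\x06" + 2 bytes of padding)` should read "over". Two of the mona invocations are also left with a trailing space where an argument appears to be missing: `!mona pattern_create ` and `!mona seh -cpb ` read as if a length and a bad-character list were meant to follow; either complete them or mark the gaps with explicit placeholders such as `<length>` and `<badchars>` so the cheatsheet is unambiguous. Lastly, the hunk replaces one "\ No newline at end of file" with another, so the file still ends without a trailing newline; ending it with one avoids this same noisy single-hunk rewrite of the last line on the next append.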