diff --git a/README.md b/README.md
index 611cfa6..7f2a767 100644
--- a/README.md
+++ b/README.md
@@ -100,6 +100,11 @@ See [tools/no_aslr.cpp](tools/no_aslr.cpp)
 * `Result get_aslr(AslrState &state)`: save the current ASLR state
 * `Result set_aslr(const AslrState &state)`: set a previously-saved ASLR state
 
+
+
+
+
+
 ### Flush file system caches
 
 `perfect` can drop various filesystem caches
@@ -188,6 +193,41 @@ See [examples/cpu_cache.cpp](examples/cpu_cache.cpp).
 
 * `void flush_all(void *p, const size_t n)`: Flush all cache lines starting at `p` for `n` bytes.
 
+## Tools
+
+### tools/addr
+
+Print the address of `main`, a stack variable, and a heap variable.
+Useful for demoing ASLR.
+
+### tools/no-aslr
+
+Disable ASLR on the provided execution.
+
+With ASLR, addresses are different with each invocation
+```
+$ tools/addr
+main:  94685074364704
+stack: 140734279743492
+heap:  94685084978800
+$ tools/addr
+main:  93891046344992
+stack: 140722671706708
+heap:  93891068624496
+```
+
+Without ASLR, addresses are the same in each invocation
+```
+$ tools/no-aslr tools/addrs       
+main:  93824992233760
+stack: 140737488347460
+heap:  93824994414192
+$ tools/no-aslr tools/addrs       
+main:  93824992233760
+stack: 140737488347460
+heap:  93824994414192
+```
+
 ## Changelog
 
 * v0.5.0