diff --git a/README.md b/README.md
index c20b5fc..291152b 100644
--- a/README.md
+++ b/README.md
@@ -6,14 +6,15 @@ Why post stuff like this in public? Valve doesn't care anymore, see the [model_b
 ### Status
-| Exploit | Fixed | Found Date | Fixed Date | Credits |
-|--------------------|----------|------------|-------------|----------------|
-| model_bug | Yes | [??-10-2018](https://github.com/ValveSoftware/csgo-osx-linux/issues/1888) | [23-07-2020](https://blog.counter-strike.net/index.php/2020/07/30991/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
-| panora_mitm_xss | Yes | 04-05-2019 | [07-05-2019](https://blog.counter-strike.net/index.php/2019/05/24111/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
-| sv_pure_bypass | Yes | ??-05-2019 | [29-07-2020](https://blog.counter-strike.net/index.php/2020/07/31071/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
-| sv_pure_bypass_2 | Yes | ??-10-2019 | [04-05-2020](https://blog.counter-strike.net/index.php/2020/05/30002/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
-| sv_pure_bypass_3 | Yes | 24-07-2020 | [06-08-2020](https://blog.counter-strike.net/index.php/2020/08/31269/) | [DepoSit](https://www.youtube.com/watch?v=aL2rQzhFTn4), [@mbhound](https://github.com/mbhound) and [@szmarczak](https://github.com/szmarczak) |
-| sv_pure_bypass_4 | Yes | 06-08-2020 | [17-08-2020](https://blog.counter-strike.net/index.php/2020/08/31374/) | [@szmarczak](https://github.com/szmarczak) and [@mbhound](https://github.com/mbhound) |
-| sv_pure_bypass_5 | No | 06-08-2020 | | [@szmarczak](https://github.com/szmarczak) |
+| Exploit | Fixed | Found Date | Fixed Date | Credits |
+|--------------------|-----------|------------|-------------|----------------|
+| model_bug | Yes | [??-10-2018](https://github.com/ValveSoftware/csgo-osx-linux/issues/1888) | [23-07-2020](https://blog.counter-strike.net/index.php/2020/07/30991/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
+| panora_mitm_xss | Yes | 04-05-2019 | [07-05-2019](https://blog.counter-strike.net/index.php/2019/05/24111/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
+| sv_pure_bypass | Yes | ??-05-2019 | [29-07-2020](https://blog.counter-strike.net/index.php/2020/07/31071/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
+| sv_pure_bypass_2 | Yes | ??-10-2019 | [04-05-2020](https://blog.counter-strike.net/index.php/2020/05/30002/) | [@kkthxbye-code](https://github.com/kkthxbye-code) |
+| sv_pure_bypass_3 | Yes | 24-07-2020 | [06-08-2020](https://blog.counter-strike.net/index.php/2020/08/31269/) | [DepoSit](https://www.youtube.com/watch?v=aL2rQzhFTn4), [@mbhound](https://github.com/mbhound) and [@szmarczak](https://github.com/szmarczak) |
+| sv_pure_bypass_4 | Yes | 06-08-2020 | [17-08-2020](https://blog.counter-strike.net/index.php/2020/08/31374/) | [@szmarczak](https://github.com/szmarczak) and [@mbhound](https://github.com/mbhound) |
+| sv_pure_bypass_5 | No | 06-08-2020 | | [@szmarczak](https://github.com/szmarczak) |
 | con_logfile_tricks | Partially | ??-??-2018 | | [@kkthxbye-code](https://github.com/kkthxbye-code) |
 | netcon_stuff | Yes | ??-03-2020 | [26-08-2020](https://blog.counter-strike.net/index.php/2020/08/31476/) | [@403-fruit](https://github.com/403-Fruit) and [@szmarczak](https://github.com/szmarczak) |
+| netcon_hitmarker | No | 10-08-2020 | | [DepoSit](https://youtu.be/T7ShZxNGr5E?t=226) and [@szmarczak](https://github.com/szmarczak) |
diff --git a/netcon_hitmarker/README.md b/netcon_hitmarker/README.md
new file mode 100644
index 0000000..9ff4591
--- /dev/null
+++ b/netcon_hitmarker/README.md
@@ -0,0 +1,37 @@
+## Hitmarker
+
+![](example.gif)
+
+Changes the crosshair color when you hit an enemy, even through walls. It works by checking `soundinfo` for hit sounds.
+
+When you run the script, the following is executed:
+
+```
+alias +hitmarker_attack "+attack; echo hitmarker_on";
+alias -hitmarker_attack "-attack; echo hitmarker_off";
+bind mouse1 +hitmarker_attack;
+con_filter_enable 2;
+con_filter_text Hit!
+con_filter_text_out ""
+cl_hud_color 0
+```
+
+The script will read the `echo` message, so it will have effect only when it's toggled on.
+
+### Caveats
+
+1. Works only **close-range**.
+2. Detects only **headshots**, **helmet hits** and **kevlar hits**. Legs doesn't matter here.
+
+### Requirements
+
+* [Node.js 14+](https://nodejs.org/en/download/current/)
+
+### Usage
+
+Start CS:GO with `-netconport 2121` and then run `node hitmarker.js 2121`. Works offline and online.
+
+### Credits
+
+* [DepoSit](https://youtu.be/T7ShZxNGr5E?t=226) for discovering this exploit.
+* [@szmarczak](https://github.com/szmarczak) for improving this exploit.
diff --git a/netcon_hitmarker/example.gif b/netcon_hitmarker/example.gif
new file mode 100644
index 0000000..93cf8ab
Binary files /dev/null and b/netcon_hitmarker/example.gif differ
diff --git a/netcon_hitmarker/hitmarker.js b/netcon_hitmarker/hitmarker.js
new file mode 100644
index 0000000..5902f0b
--- /dev/null
+++ b/netcon_hitmarker/hitmarker.js
@@ -0,0 +1,71 @@
+'use strict';
+const net = require('net');
+const readline = require('readline');
+const path = require('path');
+
+const port = Number(process.argv[2] || 0);
+if (process.argv.length !== 3 || !port) {
+ console.error(`Usage: node ${path.basename(process.argv[1])} [port]`);
+ return;
+}
+
+let ticksLeft = 0;
+let timeout;
+
+const sendOnConnect = `alias +hitmarker_attack "+attack; echo hitmarker_on";
+alias -hitmarker_attack "-attack; echo hitmarker_off";
+bind mouse1 +hitmarker_attack;
+con_filter_enable 2;
+con_filter_text Hit!
+con_filter_text_out ""
+cl_hud_color 0
+`;
+
+const resetCrosshair = `clear; cl_hud_color 0; cl_crosshaircolor 5; cl_crosshaircolor_r 0; cl_crosshaircolor_g 255; cl_crosshaircolor_b 0\n`;
+
+const hits = [
+ ': ~)player\\headshot',
+ ': ~player\\kevlar',
+ ': ~)player\\bhit_helmet'
+];
+
+const socket = net.connect(port, '127.0.0.1', async () => {
+ console.log('Connected! Press CTRL+C to abort.');
+
+ socket.write(sendOnConnect);
+
+ setInterval(() => {
+ if (ticksLeft) {
+ socket.write(`soundinfo\n`);
+
+ ticksLeft--;
+ }
+ }, 75);
+
+ const reader = readline.createInterface({
+ input: socket,
+ crlfDelay: Infinity
+ });
+
+ for await (let line of reader) {
+ line = line.trim();
+ if (line === 'hitmarker_on') {
+ clearTimeout(timeout);
+ ticksLeft = Infinity;
+
+ socket.write(resetCrosshair);
+ } else if (line === 'hitmarker_off') {
+ ticksLeft = 5;
+ } else if (hits.map(x => line.includes(x)).indexOf(true) !== -1) {
+ clearTimeout(timeout);
+
+ socket.write(`cl_hud_color 10; cl_crosshaircolor 5; cl_crosshaircolor_r 255; cl_crosshaircolor_g 0; cl_crosshaircolor_b 0; echo Hit!\n`);
+
+ timeout = setTimeout(() => {
+ socket.write(resetCrosshair);
+ }, 400);
+ }
+ }
+});
+
+socket.setEncoding('utf8');
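Review bot: The socket returned by `net.connect(port, '127.0.0.1', …)` never gets an `'error'` or `'close'` listener, so a refused connection or the game closing the port surfaces as an unhandled `'error'` event, and the 75 ms `setInterval` is never cleared and can keep calling `socket.write` after the stream is gone. I would add `socket.on('error', err => { console.error(err.message); process.exitCode = 1; });` and keep the interval handle so a `'close'` listener can `clearInterval` it. The `sendOnConnect` payload also rebinds `mouse1` and changes `con_filter_*` and `cl_hud_color`, and nothing in this file restores them when the script stops, which deserves a comment above the constant such as `// Overwrites the mouse1 bind and console filter settings; not restored on exit.` The membership test `hits.map(x => line.includes(x)).indexOf(true) !== -1` is clearer as `hits.some(x => line.includes(x))`.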