3 files changed, 6 insertions, 4 deletions

diff --git a/config/default_php8.rules b/config/default_php8.rules
index 096f033..a6edfbe 100644
--- a/config/default_php8.rules
+++ b/config/default_php8.rules
@@ -26,7 +26,7 @@ sp.xxe_protection.enable();
 # PHP has a lot of wrappers, most of them aren't usually useful, you should
 # only enable the ones you're using.
 # sp.wrappers_whitelist.list("file,php,phar");
-# The "php" wrapper can be further filtered
+# The "php" wrapper can be further filtered, e.g. to only allow `php://stdout`, `php://stdin` and `php://stderr`:
 # sp.wrappers_whitelist.php_list("stdout,stdin,stderr");
 
 # Prevent sloppy comparisons.
diff --git a/doc/source/config.rst b/doc/source/config.rst
index 75392d7..525885f 100644
--- a/doc/source/config.rst
+++ b/doc/source/config.rst
@@ -399,7 +399,7 @@ Allowlist of the php stream-wrapper
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 
 :ref:`The php-stream-wrapper allowlist <php-stream-wrapper-allowlist-feature>`
-allows to explicitly allow the builtin `php streams <https://www.php.net/manual/en/wrappers.php.php>`__.
+allows to explicitly restrict the permitted builtin `php streams <https://www.php.net/manual/en/wrappers.php.php>`__.
 
 ::
 
diff --git a/doc/source/features.rst b/doc/source/features.rst
index 3855f2a..32a535b 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -406,10 +406,12 @@ The builtin `"php" stream wrapper <https://www.php.net/manual/en/wrappers.php.ph
 has support for common streams, like ``stdin``, ``stdout`` or ``stderr``, but
 also for the dangerous ``filter`` one.
 
-Examples of related vulnerability
-"""""""""""""""""""""""""""""""""
+Examples of related vulnerabilities
+"""""""""""""""""""""""""""""""""""
 
 - `CNEXT exploits <https://github.com/ambionics/cnext-exploits/>`__
+- Synacktiv's `php_filter_chain_generator <https://github.com/synacktiv/php_filter_chain_generator>`__ tool
+- Ambionic's `wrapwrap <https://github.com/ambionics/wrapwrap>`__ tool
 
 .. _eval-feature: