diff --git a/CHANGELOG b/CHANGELOG deleted file mode 100644 index 42f52384..00000000 --- a/CHANGELOG +++ /dev/null 
@@ -1,128 +0,0 @@ -Version 2.2 released: yyyy-m-d - -* Additions -Output the vulnerability fix if available -Added 'WordPress Version Vulnerability' statistics -Added Kali Linux on the list of pre-installed Linux distributions -Added hosted wordpress detection. See issue #343. -Add detection for all-in-one-seo-pack -Use less memory when brute forcing with a large wordlist -Memory Usage output -Added cve tag to xml file -Add documentation to readme -Add --version switch -Parse robots.txt -Show twitter usernames -Clean logfile on wpstools too -Added pingback header -Request_timeout and connect_timeout implemented -Output interesting http-headers -Kali Linux detection -Ensure that brute forcing results are output even if an error occurs or the user exits -Added debug output -Fixed Version compare for issue #179 -Added ruby-progressbar version to Gemfile -Use the redirect_to parameter on bruteforce -Readded "junk removal" from usernames before output -Add license file -Output the timthumb version if found -New enumeration system -More error details for XSD checks -Added default wp-content dir detection, see Issue #141. -Added checks for well formed xml - -* Changed -Trying a fix for Kali Linux -Make a seperator between plugin name and vulnerability name -It's WordPress, not Wordpress -Changed wordpress.com scanning error to warning. See issue #343. -Make output lines consistent -Replace packetstormsecurity.org to packetstormsecurity.com -Same URL syntax for all Packet Storm Security URL's -Packet Storm Security URL's don't need the 'friendly part' of the URL. So it can be neglected. -Use online documentation -User prompt on same line -Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example). -Updated Fedora install instructions as per Issue #92 -Slight update to security plugin warning. Issue #212. 
-Ruby-progressbar Gemfile version bump -Fix error with the -U option (undefined method 'merge' for #WpTarget:) -Banner artwork -Fix hacks.rb conflict -Handle when there are 2 headers of the same name -Releasing the Typhoeus version constraint -Amended Arch Linux install instructions. See issue #183. - -* Update -Plugins & Themes updated -Update README.md -Updated documentation - -* Remove -Removed 'smileys' in output messages -Removed 'for WordPress' and 'plugin' in title strings. -Removed reference -Removed useless code -Removed duplicate vulnerabilities - -* General core -Code cleaning -Fix typo's -clean up rspecs -Themes & Plugins lists regenerated -Rspecs update -Code Factoring -Added checks for old ruby. Otherwise there will be syntax errors - -* Vulnerabilities -Update WordPress Vulnerabilities -Update timthumb due to Secunia #54801 -Added WP vuln: 3.4 - 3.5.1 wp-admin/users.php FPD - -* WPScan Databse Statistics: -Total vulnerable versions: 76, 4 are new -Total vulnerable plugins: 606, 197 are new -Total vulnerable themes: 194, 45 are new -Total version vulnerabilities: 274, 53 are new -Total plugin vulnerabilities: 764, 270 are new -Total theme vulnerabilities: 198, 46 are new - -* Add WP Fingerprints -WP 3.7.1 Fingerprinting -WP 3.7 Fingerprinting -Ref #280 WP 3.6.1 fingerprint -Added WP 3.6 advanced fingerprint hash. See Issue #255. -Updated MD5 hash of WP 3.6 detection. See Issue #277. -WP 3.5.2 Fingerprint -Bug Fix : Wp 3.5 & 3.5.1 not detected from advanced fingerprinting. 
- -* Fixed issues -Fix #249 - [ERROR] "\xF1" on US-ASCII -Fix #275 - [ERROR] "\xC3" on US-ASCII -Fix #271 - Further Instructions added to the Mac Install -Fix #266 - passive detection regex -Fix #265 - remove base64 images before passive detection -Fix #262 - [ERROR] bad component(expected absolute path component) -Fix #260 - Fixes Travis Fail, due to rspec-mock v2.14.3 -Fix #208 - Fixed vulnerable plugins still appear in the results -Fix #245 - all theme enumeration error -Fix #241 - Cant convert array to string -Fix #232 - Crash while enumerating usernames -Fix #223 - New wordpress urls for most popular plugins & themes -Fix #177 - Passive Cache plugins detection (no spec) -Fix #169 - False reports -Fix #182 - Remove the progress-bar static length (120), and let it to automatic -Fix #181 - Don't exit if no usernames found during a simple enumeration (but exit if a brute force is asked) -Fix #200 - Log file not recording the list of username retireved -Fix #164 - README.txt detection -Fix #166 - ListGenerator using the old Browser#get method for full generation -Fix #153 - Disable error trace when it's from the main script -Fix #163 - in the proper way -Fix #144 - Use cookie jar to prevent infinite redirections loop -Fix #158 - Add the solution to 'no such file to load -- rubygems' in the README -Fix #152 - invalid ssl_certificate - response code 0 -Fix #147 - can't modify frozen string -Fix #140 - xml_rpc_url in the body -Fix #153 - No error trace when 'No argument supplied' - -Version 2.1 released 2013-3-4 diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 00000000..4b0161ea --- /dev/null +++ b/CHANGELOG.md 
@@ -0,0 +1,133 @@ +# Changelog + +## Version 2.2 +Released: yyyy-m-d + +Added +* Output the vulnerability fix if available +* Added 'WordPress Version Vulnerability' statistics +* Added Kali Linux on the list of pre-installed Linux distributions +* Added hosted wordpress detection. See issue #343. +* Add detection for all-in-one-seo-pack +* Use less memory when brute forcing with a large wordlist +* Memory Usage output +* Added cve tag to xml file +* Add documentation to readme +* Add --version switch +* Parse robots.txt +* Show twitter usernames +* Clean logfile on wpstools too +* Added pingback header +* Request_timeout and connect_timeout implemented +* Output interesting http-headers +* Kali Linux detection +* Ensure that brute forcing results are output even if an error occurs or the user exits +* Added debug output +* Fixed Version compare for issue #179 +* Added ruby-progressbar version to Gemfile +* Use the redirect_to parameter on bruteforce +* Readded "junk removal" from usernames before output +* Add license file +* Output the timthumb version if found +* New enumeration system +* More error details for XSD checks +* Added default wp-content dir detection, see Issue #141. +* Added checks for well formed xml + +Changed +* Trying a fix for Kali Linux +* Make a seperator between plugin name and vulnerability name +* It's WordPress, not Wordpress +* Changed wordpress.com scanning error to warning. See issue #343. +* Make output lines consistent +* Replace packetstormsecurity.org to packetstormsecurity.com +* Same URL syntax for all Packet Storm Security URL's +* Packet Storm Security URL's don't need the 'friendly part' of the URL. So it can be neglected. +* Use online documentation +* User prompt on same line +* Don't skip passwords that start with a hash. This is fairly common (see RockYou list for example). +* Updated Fedora install instructions as per Issue #92 +* Slight update to security plugin warning. Issue #212. 
+* Ruby-progressbar Gemfile version bump +* Fix error with the -U option (undefined method 'merge' for #WpTarget:) +* Banner artwork +* Fix hacks.rb conflict +* Handle when there are 2 headers of the same name +* Releasing the Typhoeus version constraint +* Amended Arch Linux install instructions. See issue #183. + +Updated +* Plugins & Themes updated +* Update README.md +* Updated documentation + +Removed +* Removed 'smileys' in output messages +* Removed 'for WordPress' and 'plugin' in title strings. +* Removed reference +* Removed useless code +* Removed duplicate vulnerabilities + +General core +* Code cleaning +* Fix typo's +* Clean up rspecs +* Themes & Plugins lists regenerated +* Rspecs update +* Code Factoring +* Added checks for old ruby. Otherwise there will be syntax errors + +Vulnerabilities +* Update WordPress Vulnerabilities +* Update timthumb due to Secunia #54801 +* Added WP vuln: 3.4 - 3.5.1 wp-admin/users.php FPD + +WPScan Databse Statistics: +* Total vulnerable versions: 76, 4 are new +* Total vulnerable plugins: 606, 197 are new +* Total vulnerable themes: 194, 45 are new +* Total version vulnerabilities: 274, 53 are new +* Total plugin vulnerabilities: 764, 270 are new +* Total theme vulnerabilities: 198, 46 are new + +Add WP Fingerprints +* WP 3.7.1 Fingerprinting +* WP 3.7 Fingerprinting +* Ref #280 WP 3.6.1 fingerprint +* Added WP 3.6 advanced fingerprint hash. See Issue #255. +* Updated MD5 hash of WP 3.6 detection. See Issue #277. +* WP 3.5.2 Fingerprint +* Bug Fix : Wp 3.5 & 3.5.1 not detected from advanced fingerprinting. 
+ +Fixed issues +* Fix #249 - [ERROR] "\xF1" on US-ASCII +* Fix #275 - [ERROR] "\xC3" on US-ASCII +* Fix #271 - Further Instructions added to the Mac Install +* Fix #266 - passive detection regex +* Fix #265 - remove base64 images before passive detection +* Fix #262 - [ERROR] bad component(expected absolute path component) +* Fix #260 - Fixes Travis Fail, due to rspec-mock v2.14.3 +* Fix #208 - Fixed vulnerable plugins still appear in the results +* Fix #245 - all theme enumeration error +* Fix #241 - Cant convert array to string +* Fix #232 - Crash while enumerating usernames +* Fix #223 - New wordpress urls for most popular plugins & themes +* Fix #177 - Passive Cache plugins detection (no spec) +* Fix #169 - False reports +* Fix #182 - Remove the progress-bar static length (120), and let it to automatic +* Fix #181 - Don't exit if no usernames found during a simple enumeration (but exit if a brute force is asked) +* Fix #200 - Log file not recording the list of username retireved +* Fix #164 - README.txt detection +* Fix #166 - ListGenerator using the old Browser#get method for full generation +* Fix #153 - Disable error trace when it's from the main script +* Fix #163 - in the proper way +* Fix #144 - Use cookie jar to prevent infinite redirections loop +* Fix #158 - Add the solution to 'no such file to load -- rubygems' in the README +* Fix #152 - invalid ssl_certificate - response code 0 +* Fix #147 - can't modify frozen string +* Fix #140 - xml_rpc_url in the body +* Fix #153 - No error trace when 'No argument supplied' + +## Version 2.1 +Released 2013-3-4 +
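Review bot: The first hunk removes CHANGELOG outright ("deleted file mode 100644", all 128 lines) while CHANGELOG.md arrives as a "new file" in the same commit, so the diff records a delete plus an add rather than a rename. Because the reformatting touches nearly every line, the history of the old entries is unlikely to follow the file. Consider a pure rename commit first and the Markdown conversion in a follow-up, so that blame and log --follow on CHANGELOG.md still reach the original entries.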
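Review bot: In the CHANGELOG.md hunk the section labels under "## Version 2.2" ("Added", "Changed", "Updated", "Removed", "General core", "Vulnerabilities", "Fixed issues" and the rest) are plain text lines followed directly by "* " items with no blank line in between. Renderers that require a blank line before a list will not show these as bullets, and the labels are not headings either. Suggest making them "### Added" and so on, each followed by a blank line. Since every line is being rewritten anyway, this is also the place to fix what was carried over unchanged from the old file: the typos "seperator", "Databse" and "retireved", the two "Fix #153" entries with different descriptions, and the unfilled "Released: yyyy-m-d" placeholder, which is also punctuated differently from "Released 2013-3-4" under Version 2.1.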