diff --git a/CHANGELOG.md b/CHANGELOG.md
index 20bc3a6c..39cb041a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@
 
 **Changelog:**
 
+- Add support for SHAKE128 and SHAKE256 from FIPS 202 ([#398](https://github.com/orion-rs/orion/pull/398)).
 - Bump copyright year to 2024.
 - Bump MSRV to `1.80.0`.
 - Update CI dependencies.
diff --git a/Cargo.toml b/Cargo.toml
index 41cb4646..772a6a25 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,26 +1,22 @@
 [package]
 name = "orion"
-version = "0.17.6"
+version = "0.17.7"
 authors = ["brycx <brycx@protonmail.com>"]
 description = "Usable, easy and safe pure-Rust crypto"
-keywords = [ "cryptography", "crypto", "aead", "hash", "mac" ]
-categories = [ "cryptography", "no-std" ]
+keywords = ["cryptography", "crypto", "aead", "hash", "mac"]
+categories = ["cryptography", "no-std"]
 edition = "2021"
-rust-version = "1.80" # Update CI (MSRV) test along with this.
+rust-version = "1.80"                                        # Update CI (MSRV) test along with this.
 readme = "README.md"
 repository = "https://github.com/orion-rs/orion"
 documentation = "https://docs.rs/orion"
 license = "MIT"
-exclude = [
-    ".gitignore",
-    ".travis.yml",
-    "tests/*"
-]
+exclude = [".gitignore", ".travis.yml", "tests/*"]
 
 [dependencies]
 subtle = { version = "^2.2.2", default-features = false }
 zeroize = { version = "1.1.0", default-features = false }
-fiat-crypto = {version = "0.2.1", default-features = false}
+fiat-crypto = { version = "0.2.1", default-features = false }
 getrandom = { version = "0.2.0", optional = true }
 ct-codecs = { version = "1.1.1", optional = true }
 
@@ -31,8 +27,8 @@ default-features = false
 features = ["alloc"]
 
 [features]
-default = [ "safe_api" ]
-safe_api = [ "getrandom", "ct-codecs" ]
+default = ["safe_api"]
+safe_api = ["getrandom", "ct-codecs"]
 alloc = []
 experimental = []
 
diff --git a/README.md b/README.md
index 05ace6f1..5ee8c530 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,7 @@ Orion is a cryptography library written in pure Rust. It aims to provide easy an
 Currently supports:
 * **AEAD**: (X)ChaCha20-Poly1305.
 * **Hashing**: BLAKE2b, SHA2, SHA3.
+* **XOF**: SHAKE128, SHAKE256.
 * **KDF**: HKDF, PBKDF2, Argon2i.
 * **Key exchange**: X25519.
 * **MAC**: HMAC, Poly1305.
diff --git a/src/hazardous/hash/sha3/mod.rs b/src/hazardous/hash/sha3/mod.rs
index 9dbb782b..3eb70815 100644
--- a/src/hazardous/hash/sha3/mod.rs
+++ b/src/hazardous/hash/sha3/mod.rs
@@ -749,10 +749,6 @@ impl<const RATE: usize> Shake<RATE> {
             self.state_to_buffer();
         }
 
-        // TODO: Testing
-        // [1]: squeeze(RATE/2) => squeeze(RATE*2) <=> squeeze(RATE*2) => squeeze(RATE/2)
-        // [3]: squeeze(7) => squeeze(1) <=> squeeze(8)
-
         for out_b in dest.iter_mut() {
             debug_assert!(self.to_squeeze <= RATE);