<attackflow.txt>
1.dirsearch #Directory Fuzzing
2.subfinder #Subdomain Fuzzing
3.sublist3r #Subdomain Fuzzing
4.subover #Find Subdomain Takeover
5.subzy #Find Subdomain Takeover
6.cors_scan.py #Misconfiguration Cross Origin Resource Sharing
7.waybackurls #Method Fuzzing
8.gau #Method Fuzzing
9.qsreplace #Custom Method Value
10.oralyzer.py #Find Open Redirect
11.arjun #Find Hidden Parameter
12.kxss #Test XSS
13.nuclei #Vulnerability Scanner
14.dalfox / xspear #Find vulnerability OR XSS

<command.txt>
1.simple GHDB Command
2.Best nmap Command
3.ssl strip command
4.Favorite XSS Command
5.XSS Bypass or Encoding

<reference.txt>
1.PT or BugHunting Tool
2.XSS Payload
3.HEX + URL Encoding
4.String.from(Charcod)
5.Unicode
6.GHDB Command
7.WMIC Command