Tooling

Not a "top 10 hacking tools" list. These are specific configurations, workflows, and automation patterns I actually use. If a tool is listed here it earns its place in my workflow. Not listed because it's popular on Twitter.

Burp Suite

Extensions, intruder patterns, match-and-replace tricks, session handling macros, and Collaborator workflows. Still the single most important tool in the kit.

Nuclei

Custom template writing beyond the defaults, workflow chaining, and integration with recon pipelines. Default templates are fine for automated scanning. Custom templates are where nuclei becomes a real weapon.

ffuf

Content discovery configs, wordlist selection strategy, parameter fuzzing, and recursive bruting. The wordlist matters more than the tool.

Browser DevTools

Network tab hunting, console techniques for DOM XSS, Application tab secrets, and performance profiling for race conditions. Free, built in, underrated.

Automation Frameworks

Building recon and scanning pipelines. Axiom for distributed scanning. Bash/Python orchestration patterns. Notification and alerting.

AI-Assisted Hunting

Using LLMs for JS bundle analysis, agentic recon workflows, code review. New territory and the tooling is evolving fast. Will update as patterns mature.

BugBounty.info

Explorer

Tooling

Tooling

Burp Suite

Nuclei

ffuf

Browser DevTools

Automation Frameworks

AI-Assisted Hunting

AI-Assisted Hunting

Automation

Browser DevTools

Burp Suite

Nuclei

ffuf