Update Documentation.

README.md

@@ -4,6 +4,18 @@ Wordlists I use for recon and content discovery on programs from hackerone and b
 
 # How I use these lists?
 
+## android.txt
+
+This is just the command I use to launch an android VM to use with MobileSecurityFramework as Geny motion is having issues with the GPU drivers I have on Linux.
+
+## breakpoints.txt
+
+These are commands that can be run the dev tools console of Chromium based browsers.
+
+## burp-plugins.txt
+
+These are some of the plugins for Burp I have installed but does not mean I have turned on at all times. I try not to rely on plugins too much as they distract you from looking at the core application.
+
 ## http.txt
 
 I use this as my initial discovery list.  
@@ -23,3 +35,19 @@ I generally use this if I find some sort of API/RPC type endpoint like /api to d
 I use this this after discovery API objects to try map out what actions are supported.
 
 For example say you found /api, then you found /api/account and then you run this wordlist and you find /api/account/auth
+
+## regex.txt
+
+You can use these in the burp suite search function, Logger++ or Highlight and Extract plugin.
+
+## xss.txt
+
+This is just a basic taint query I use to then trace through the application so I can easily search for "taint" and then see where it is located and which characters are escaped.
+
+## secrets.txt
+
+These were triggering WAFs too frequently so I split them out into their own file. Generally you are likely better off using Burps built in interesting files but this wordlist is nice and small.
+
+## *.vmoptions files
+
+These tune the JVM for the JRE that ships with BurpSuite. I have modified the garbage collection algorithm to use a more efficient algorithm and I have applied several graphics related tweaks.

burp-plugins.txt

@@ -1,10 +1,7 @@
 Turbo Intruder
 HTTP Request Smuggler
-Collaborator Everywhere
 JWT Editor
 Param Miner
 UUID Detector
 JS Miner
-CSRF Scanner
 OAUTH Scan
-InQL