Pinned Repositories
__v1__
Portswigger Poc - Reflected XSS protected by very strict CSP, with dangling markup attack - Account Takeover [ CSRF Token Exifiltrate + Change Email Auto Submit ]
Code-Review
Drupalwned
Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in Drupal CMS.
java-insecure-deserialization
JoomSploit
JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in Joomla CMS.
knowsmore
KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
lastwhisper
lastwhisper will help you when no more hope, the idea behind lastwhisper is simple but it's a powerful tool
PrestaXSRF
PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in PrestaShop E-Commerce
SlackArch
script that install and compile all tools needed by the https://github.com/KingOfBugbounty/KingOfBugBountyTips/ repository for arch-based system's and their API's
WPXStrike
WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in WordPress
nowak0x01's Repositories
nowak0x01/WPXStrike
WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in WordPress
nowak0x01/PrestaXSRF
PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in PrestaShop E-Commerce
nowak0x01/Drupalwned
Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in Drupal CMS.
nowak0x01/JoomSploit
JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals vulnerabilities in Joomla CMS.
nowak0x01/Code-Review
nowak0x01/lastwhisper
lastwhisper will help you when no more hope, the idea behind lastwhisper is simple but it's a powerful tool
nowak0x01/java-insecure-deserialization
nowak0x01/knowsmore
KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).
nowak0x01/SlackArch
script that install and compile all tools needed by the https://github.com/KingOfBugbounty/KingOfBugBountyTips/ repository for arch-based system's and their API's
nowak0x01/__v1__
Portswigger Poc - Reflected XSS protected by very strict CSP, with dangling markup attack - Account Takeover [ CSRF Token Exifiltrate + Change Email Auto Submit ]
nowak0x01/jwt-editor
A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
nowak0x01/nowak0x01.github.io
blog
nowak0x01/ohyeahimjusttypingnothingwithnothingmytrashphptooltoverifydisable_functionsphphaveaniceday
nowak0x01/phar-polyglot-files
nowak0x01/php-insecure-deserialization
nowak0x01/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
nowak0x01/portswigger-cachepoisoning-unintended-sollution
Lab: Cache key injection [Expert] - Unintended Sollution Poc
nowak0x01/portswigger-lab-internal_cache_poisoning-unintended-solution
Portswigger Internal Cache Poisoning [Expert] Unintended Solution - https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-internal