Skip to content
Avatar
🦋
🦋

Sponsors

@mxrch
Private Sponsor
Block or Report

Block or report p0dalirius

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Add an optional note:
Please don't include any personal information such as legal names or email addresses. Maximum 100 characters. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
p0dalirius/README.md

Podalirius 🦋

French Security Researcher 🇫🇷 | OSCP

I'm a french Security Researcher publishing opensource security tools to test for vulnerabilities on many environments. I truly love to tinker with undefined behaviors in computers, mostly in Windows, Active Directory and various web apps. I've publicly released 78 projects and tools so far, and I'm planning to publish many more! 🥳

If any of my tools helped you, please consider sponsoring my work! Sponsorship will help me cover the costs of my projects (server costs, mainframe restoration, buying books on a research subject ...). You can support my work through Patreon: https://www.patreon.com/podalirius

I'm also constantly reporting security vulnerabilities found everywhere. I currently have reported 10 of security vulnerabilities found in the wild (see responsible disclosures) and got 6 CVEs (CVE-2020-16147, CVE-2020-16148, CVE-2021-43008, CVE-2022-26159, CVE-2022-29710, CVE-2022-30780) + 2 waiting for release

Connect with me:


Summary of my tools

Active Directory tools

  • AccountShadowTakeover: A python script to automatically add a KeyCredentialLink to newly created users, by quickly connecting to them with default credentials.
  • Coercer: A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.
  • DomainUsersToXLSX: Extract all users from an Active Directory domain to an Excel worksheet.
  • DumpSMBShare: A script to dump files and folders remotely from a Windows SMB share.
  • FindUncommonShares: A Python tool allowing to quickly find uncommon shares in vast Windows Domains.
  • ldap2json: The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  • ldapconsole: The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
  • LDAPmonitor: Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
  • MSRPRN-Coerce: A python script to force authentification using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 69).
  • pydsinternals: A Python native library containing necessary classes, functions and structures to interact with Windows Active Directory.
  • pyLAPS: Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.
  • TargetAllDomainObjects: A python wrapper to run a command on against all users/computers/DCs of a Windows Domain.

Web exploitation tools

  • Awesome-RCE-techniques: Awesome list of techniques to achieve Remote Code Execution on various apps!
  • crawlersuseragents: Python script to check if there is any differences in responses of an application when the request comes from a search engine's crawler.
  • http-fuzzing-scripts: A collection of http fuzzing python scripts to fuzz HTTP servers for bugs.
  • ipsourcebypass: This Python script can be used to bypass IP source restrictions using HTTP headers.
  • JoGet-plugin-webshell: A webshell plugin and interactive shell for pentesting JoGet application.
  • LimeSurvey-plugin-webshell: A webshell plugin and interactive shell for pentesting JoGet application.
  • LFIDump: A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
  • LootApacheServerStatus: A script to automatically dump all URLs present in /server-status to a file locally.
  • Moodle-webshell-plugin: A webshell plugin and interactive shell for pentesting a Moodle instance.
  • owabrute: Hydra wrapper for bruteforcing Microsoft Outlook Web Application.
  • RDWArecon: A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application.
  • robotstester: This Python script can enumerate all URLs present in robots.txt files, and test whether they can be accessed or not.
  • robotsvalidator: The robotsvalidator script allows you to check if URLs are allowed or disallowed by a robots.txt file.
  • TimeBasedLoginUserEnum: A script to enumerate valid usernames based on the requests response times.
  • Tomcat-application-webshell: A webshell application and interactive shell for pentesting Apache Tomcat servers.
  • webapp-wordlists: This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Vulnerability exploits

Windows

  • DownloadPDBSymbols: A Python script to download PDB files associated with a Portable Executable (PE).
  • hivetools: A collection of python scripts to work with Windows Hives.
  • msFlagsDecoder: Decode the values of common Windows properties such as userAccountControl and sAMAccountType.
  • OffensiveBatchScripts: Offensive batch scripts.
  • SortWindowsISOs: Extract the windows major and minor build numbers from an ISO file, and automatically sort the iso files.

Data & Researches

Other

  • Argon2Cracker: A multithreaded bruteforcer of argon2 hashes.
  • ctfd-parser: A python script to dump all the challenges locally of a CTFd-based Capture the Flag.
  • factorizator: A script to factorize integers with sagemath and factordb.
  • GetFortinetSerialNumber: A Python script to extract the serial number of a remote Fortinet device.
  • GithubBackupAllRepos: A Python script to backup all repos (public or private) of a user.
  • Hashes-Harvester: Automatically extracts NTLM hashes from Windows memory dumps.
  • ParseFortinetSerialNumber: A Python script to parse Fortinet products serial numbers, and detect the associated model and version.
  • python_packages_paths: This repository contains paths to python modules from inside python modules.
  • streamableDownloader: A simple python script to download videos hosted on streamable from their link.
  • wav2mmv: WAV to MMV converter. You can then use the MMV file in input of MSSTV to decode Slow Scan Television (SSTV) sound signals.
  • WifiListProbeRequests: Monitor 802.11 probe requests from a capture file or network sniffing!

Pinned

  1. Awesome list of step by step techniques to achieve Remote Code Execution on various apps!

    Dockerfile 1.6k 171

  2. Coercer Public

    A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

    Python 1.1k 118

  3. LDAPmonitor Public

    Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

    Python 512 47

  4. This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

    Python 400 100

  5. A python script to scan for Apache Tomcat server vulnerabilities.

    Python 349 42

  6. A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.

    Python 331 42

6,413 contributions in the last year

We're celebrating 100 million developers!
2 contributions on January 30, 2022 5 contributions on January 31, 2022 4 contributions on February 1, 2022 5 contributions on February 2, 2022 11 contributions on February 3, 2022 3 contributions on February 4, 2022 1 contribution on February 5, 2022 1 contribution on February 6, 2022 6 contributions on February 7, 2022 6 contributions on February 8, 2022 No contributions on February 9, 2022 3 contributions on February 10, 2022 3 contributions on February 11, 2022 No contributions on February 12, 2022 1 contribution on February 13, 2022 No contributions on February 14, 2022 1 contribution on February 15, 2022 6 contributions on February 16, 2022 13 contributions on February 17, 2022 62 contributions on February 18, 2022 No contributions on February 19, 2022 5 contributions on February 20, 2022 7 contributions on February 21, 2022 11 contributions on February 22, 2022 1 contribution on February 23, 2022 6 contributions on February 24, 2022 48 contributions on February 25, 2022 No contributions on February 26, 2022 2 contributions on February 27, 2022 11 contributions on February 28, 2022 No contributions on March 1, 2022 140 contributions on March 2, 2022 5 contributions on March 3, 2022 No contributions on March 4, 2022 99 contributions on March 5, 2022 No contributions on March 6, 2022 2 contributions on March 7, 2022 95 contributions on March 8, 2022 6 contributions on March 9, 2022 No contributions on March 10, 2022 1417 contributions on March 11, 2022 145 contributions on March 12, 2022 134 contributions on March 13, 2022 98 contributions on March 14, 2022 67 contributions on March 15, 2022 19 contributions on March 16, 2022 29 contributions on March 17, 2022 2 contributions on March 18, 2022 656 contributions on March 19, 2022 No contributions on March 20, 2022 No contributions on March 21, 2022 No contributions on March 22, 2022 No contributions on March 23, 2022 No contributions on March 24, 2022 No contributions on March 25, 2022 3 contributions on March 26, 2022 5 contributions on March 27, 2022 220 contributions on March 28, 2022 3 contributions on March 29, 2022 3 contributions on March 30, 2022 No contributions on March 31, 2022 No contributions on April 1, 2022 6 contributions on April 2, 2022 2 contributions on April 3, 2022 No contributions on April 4, 2022 6 contributions on April 5, 2022 1 contribution on April 6, 2022 3 contributions on April 7, 2022 6 contributions on April 8, 2022 No contributions on April 9, 2022 No contributions on April 10, 2022 No contributions on April 11, 2022 1 contribution on April 12, 2022 41 contributions on April 13, 2022 No contributions on April 14, 2022 10 contributions on April 15, 2022 22 contributions on April 16, 2022 1 contribution on April 17, 2022 No contributions on April 18, 2022 No contributions on April 19, 2022 No contributions on April 20, 2022 1 contribution on April 21, 2022 10 contributions on April 22, 2022 7 contributions on April 23, 2022 56 contributions on April 24, 2022 No contributions on April 25, 2022 No contributions on April 26, 2022 1 contribution on April 27, 2022 1 contribution on April 28, 2022 2 contributions on April 29, 2022 2 contributions on April 30, 2022 8 contributions on May 1, 2022 No contributions on May 2, 2022 16 contributions on May 3, 2022 No contributions on May 4, 2022 No contributions on May 5, 2022 No contributions on May 6, 2022 No contributions on May 7, 2022 No contributions on May 8, 2022 No contributions on May 9, 2022 No contributions on May 10, 2022 No contributions on May 11, 2022 No contributions on May 12, 2022 4 contributions on May 13, 2022 19 contributions on May 14, 2022 16 contributions on May 15, 2022 4 contributions on May 16, 2022 1 contribution on May 17, 2022 1 contribution on May 18, 2022 19 contributions on May 19, 2022 6 contributions on May 20, 2022 9 contributions on May 21, 2022 8 contributions on May 22, 2022 12 contributions on May 23, 2022 2 contributions on May 24, 2022 1 contribution on May 25, 2022 1 contribution on May 26, 2022 No contributions on May 27, 2022 No contributions on May 28, 2022 No contributions on May 29, 2022 No contributions on May 30, 2022 239 contributions on May 31, 2022 7 contributions on June 1, 2022 5 contributions on June 2, 2022 No contributions on June 3, 2022 No contributions on June 4, 2022 3 contributions on June 5, 2022 No contributions on June 6, 2022 No contributions on June 7, 2022 No contributions on June 8, 2022 No contributions on June 9, 2022 No contributions on June 10, 2022 1 contribution on June 11, 2022 No contributions on June 12, 2022 No contributions on June 13, 2022 No contributions on June 14, 2022 41 contributions on June 15, 2022 2 contributions on June 16, 2022 No contributions on June 17, 2022 No contributions on June 18, 2022 2 contributions on June 19, 2022 2 contributions on June 20, 2022 6 contributions on June 21, 2022 1 contribution on June 22, 2022 4 contributions on June 23, 2022 No contributions on June 24, 2022 2 contributions on June 25, 2022 5 contributions on June 26, 2022 No contributions on June 27, 2022 No contributions on June 28, 2022 No contributions on June 29, 2022 8 contributions on June 30, 2022 23 contributions on July 1, 2022 No contributions on July 2, 2022 No contributions on July 3, 2022 10 contributions on July 4, 2022 65 contributions on July 5, 2022 9 contributions on July 6, 2022 268 contributions on July 7, 2022 12 contributions on July 8, 2022 10 contributions on July 9, 2022 1 contribution on July 10, 2022 No contributions on July 11, 2022 10 contributions on July 12, 2022 1 contribution on July 13, 2022 No contributions on July 14, 2022 No contributions on July 15, 2022 3 contributions on July 16, 2022 15 contributions on July 17, 2022 18 contributions on July 18, 2022 5 contributions on July 19, 2022 5 contributions on July 20, 2022 4 contributions on July 21, 2022 8 contributions on July 22, 2022 3 contributions on July 23, 2022 3 contributions on July 24, 2022 No contributions on July 25, 2022 No contributions on July 26, 2022 No contributions on July 27, 2022 9 contributions on July 28, 2022 4 contributions on July 29, 2022 18 contributions on July 30, 2022 15 contributions on July 31, 2022 11 contributions on August 1, 2022 27 contributions on August 2, 2022 10 contributions on August 3, 2022 3 contributions on August 4, 2022 5 contributions on August 5, 2022 9 contributions on August 6, 2022 No contributions on August 7, 2022 1 contribution on August 8, 2022 3 contributions on August 9, 2022 No contributions on August 10, 2022 84 contributions on August 11, 2022 6 contributions on August 12, 2022 15 contributions on August 13, 2022 No contributions on August 14, 2022 No contributions on August 15, 2022 3 contributions on August 16, 2022 1 contribution on August 17, 2022 No contributions on August 18, 2022 No contributions on August 19, 2022 No contributions on August 20, 2022 1 contribution on August 21, 2022 3 contributions on August 22, 2022 7 contributions on August 23, 2022 3 contributions on August 24, 2022 3 contributions on August 25, 2022 2 contributions on August 26, 2022 No contributions on August 27, 2022 3 contributions on August 28, 2022 No contributions on August 29, 2022 8 contributions on August 30, 2022 1014 contributions on August 31, 2022 4 contributions on September 1, 2022 1 contribution on September 2, 2022 No contributions on September 3, 2022 1 contribution on September 4, 2022 No contributions on September 5, 2022 4 contributions on September 6, 2022 1 contribution on September 7, 2022 No contributions on September 8, 2022 3 contributions on September 9, 2022 13 contributions on September 10, 2022 2 contributions on September 11, 2022 No contributions on September 12, 2022 No contributions on September 13, 2022 47 contributions on September 14, 2022 6 contributions on September 15, 2022 1 contribution on September 16, 2022 8 contributions on September 17, 2022 No contributions on September 18, 2022 3 contributions on September 19, 2022 3 contributions on September 20, 2022 1 contribution on September 21, 2022 2 contributions on September 22, 2022 2 contributions on September 23, 2022 23 contributions on September 24, 2022 2 contributions on September 25, 2022 7 contributions on September 26, 2022 1 contribution on September 27, 2022 1 contribution on September 28, 2022 No contributions on September 29, 2022 2 contributions on September 30, 2022 No contributions on October 1, 2022 1 contribution on October 2, 2022 No contributions on October 3, 2022 No contributions on October 4, 2022 7 contributions on October 5, 2022 3 contributions on October 6, 2022 1 contribution on October 7, 2022 No contributions on October 8, 2022 No contributions on October 9, 2022 No contributions on October 10, 2022 2 contributions on October 11, 2022 No contributions on October 12, 2022 No contributions on October 13, 2022 No contributions on October 14, 2022 No contributions on October 15, 2022 No contributions on October 16, 2022 No contributions on October 17, 2022 No contributions on October 18, 2022 1 contribution on October 19, 2022 2 contributions on October 20, 2022 No contributions on October 21, 2022 No contributions on October 22, 2022 No contributions on October 23, 2022 No contributions on October 24, 2022 No contributions on October 25, 2022 1 contribution on October 26, 2022 No contributions on October 27, 2022 No contributions on October 28, 2022 No contributions on October 29, 2022 No contributions on October 30, 2022 No contributions on October 31, 2022 No contributions on November 1, 2022 No contributions on November 2, 2022 4 contributions on November 3, 2022 No contributions on November 4, 2022 No contributions on November 5, 2022 2 contributions on November 6, 2022 2 contributions on November 7, 2022 No contributions on November 8, 2022 1 contribution on November 9, 2022 No contributions on November 10, 2022 No contributions on November 11, 2022 No contributions on November 12, 2022 No contributions on November 13, 2022 No contributions on November 14, 2022 1 contribution on November 15, 2022 No contributions on November 16, 2022 No contributions on November 17, 2022 1 contribution on November 18, 2022 No contributions on November 19, 2022 No contributions on November 20, 2022 No contributions on November 21, 2022 No contributions on November 22, 2022 1 contribution on November 23, 2022 1 contribution on November 24, 2022 No contributions on November 25, 2022 No contributions on November 26, 2022 No contributions on November 27, 2022 1 contribution on November 28, 2022 No contributions on November 29, 2022 7 contributions on November 30, 2022 3 contributions on December 1, 2022 No contributions on December 2, 2022 No contributions on December 3, 2022 No contributions on December 4, 2022 9 contributions on December 5, 2022 No contributions on December 6, 2022 No contributions on December 7, 2022 No contributions on December 8, 2022 No contributions on December 9, 2022 No contributions on December 10, 2022 17 contributions on December 11, 2022 1 contribution on December 12, 2022 10 contributions on December 13, 2022 17 contributions on December 14, 2022 12 contributions on December 15, 2022 3 contributions on December 16, 2022 299 contributions on December 17, 2022 No contributions on December 18, 2022 No contributions on December 19, 2022 6 contributions on December 20, 2022 3 contributions on December 21, 2022 6 contributions on December 22, 2022 3 contributions on December 23, 2022 5 contributions on December 24, 2022 8 contributions on December 25, 2022 3 contributions on December 26, 2022 3 contributions on December 27, 2022 3 contributions on December 28, 2022 No contributions on December 29, 2022 No contributions on December 30, 2022 No contributions on December 31, 2022 No contributions on January 1, 2023 No contributions on January 2, 2023 No contributions on January 3, 2023 No contributions on January 4, 2023 No contributions on January 5, 2023 2 contributions on January 6, 2023 No contributions on January 7, 2023 No contributions on January 8, 2023 3 contributions on January 9, 2023 1 contribution on January 10, 2023 No contributions on January 11, 2023 5 contributions on January 12, 2023 No contributions on January 13, 2023 No contributions on January 14, 2023 4 contributions on January 15, 2023 No contributions on January 16, 2023 4 contributions on January 17, 2023 2 contributions on January 18, 2023 1 contribution on January 19, 2023 No contributions on January 20, 2023 2 contributions on January 21, 2023 No contributions on January 22, 2023 No contributions on January 23, 2023 1 contribution on January 24, 2023 2 contributions on January 25, 2023 29 contributions on January 26, 2023 2 contributions on January 27, 2023 15 contributions on January 28, 2023 3 contributions on January 29, 2023 2 contributions on January 30, 2023 Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Mon Wed Fri

Contribution activity

January 2023

Opened 1 pull request in 1 repository
fortra/impacket 1 open
Reviewed 1 pull request in 1 repository
p0dalirius/Argon2Cracker 1 pull request
Opened 1 issue in 1 repository
44 contributions in private repositories Jan 6 – Jan 30

Seeing something unexpected? Take a look at the GitHub profile guide.