p0dalirius
Security Researcher, Speaker, Microsoft MVP in Security
Podalirius Labshttps://podalirius.net/
Pinned Repositories
ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
ExtractBitlockerKeys
A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.
FindUncommonShares
FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.
ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.
LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
LDAPWordlistHarvester
A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
windows-coerced-authentication-methods
A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols.
p0dalirius's Repositories
p0dalirius/Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
p0dalirius/LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
p0dalirius/ApacheTomcatScanner
A python script to scan for Apache Tomcat server vulnerabilities.
p0dalirius/webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
p0dalirius/FindUncommonShares
FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.
p0dalirius/ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.
p0dalirius/ExtractBitlockerKeys
A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.
p0dalirius/CVE-2022-21907-http.sys
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
p0dalirius/RDWAtool
A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application
p0dalirius/CVE-2021-43008-AdminerRead
Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability
p0dalirius/LFIDump
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
p0dalirius/pyLAPS
Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.
p0dalirius/ldapconsole
The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.
p0dalirius/sectools
A Python native library containing lots of useful functions to write efficient scripts to hack stuff.
p0dalirius/p0dalirius
Front page README of my GitHub profile
p0dalirius/DomainUsersToXLSX
Extract all users from an Active Directory domain to an Excel worksheet.
p0dalirius/AccountShadowTakeover
A python script to automatically add a KeyCredentialLink to newly created users, by quickly connecting to them with default credentials.
p0dalirius/CVE-2022-30780-lighttpd-denial-of-service
CVE-2022-30780 - lighttpd remote denial of service
p0dalirius/CodeIgniter-session-unsign
Command line tool to fetch, decode and brute-force CodeIgniter session cookies by guessing and bruteforcing secret keys.
p0dalirius/DescribeNTSecurityDescriptor
A python tool to parse and describe the contents of a raw ntSecurityDescriptor structure.
p0dalirius/goLAPS
Go setter/getter for property ms-Mcs-AdmPwd used by LAPS.
p0dalirius/Joomla-1.6-1.7-2.5-Privilege-Escalation-Vulnerability
A Python script to create an administrator account on Joomla! 1.6/1.7/2.5 using a privilege escalation vulnerability
p0dalirius/DescribeSDDL
A python tool to parse and describe the SDDL string.
p0dalirius/impacket
Impacket is a collection of Python classes for working with network protocols.
p0dalirius/linux-kernels
List of linux kernel versions and download links in JSON
p0dalirius/streamableDownloader
A simple python script to download videos hosted on streamable from their link
p0dalirius/UsersWithPwdLastSetOlderThan
Extract all users from an Active Directory domain with password last set older than X days to an Excel worksheet.
p0dalirius/CVE-2020-8813-Cacti-RCE-in-graph_realtime
CVE-2020-8813 - RCE through graph_realtime.php in Cacti 1.2.8
p0dalirius/ADcheck
p0dalirius/BloodHound.py
A Python based ingestor for BloodHound