{"id":17995058,"url":"https://github.com/p0dalirius/p0dalirius","last_synced_at":"2025-10-15T23:21:07.251Z","repository":{"id":113562831,"uuid":"339802740","full_name":"p0dalirius/p0dalirius","owner":"p0dalirius","description":"Front page README of my GitHub profile","archived":false,"fork":false,"pushed_at":"2025-10-15T00:07:35.000Z","size":7111,"stargazers_count":34,"open_issues_count":0,"forks_count":8,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-15T04:54:40.417Z","etag":null,"topics":["config","github-config"],"latest_commit_sha":null,"homepage":"https://github.com/p0dalirius","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/p0dalirius.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"p0dalirius","patreon":"Podalirius"}},"created_at":"2021-02-17T17:29:35.000Z","updated_at":"2025-10-15T00:07:39.000Z","dependencies_parsed_at":"2024-05-03T01:45:33.328Z","dependency_job_id":"95f81822-d3d1-4b9e-b8f5-41e83ba6a1db","html_url":"https://github.com/p0dalirius/p0dalirius","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/p0dalirius/p0dalirius","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p0dalirius%2Fp0dalirius","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p0dalirius%2Fp0dalirius/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p0dalirius%2Fp0dalirius/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p0dalirius%2Fp0dalirius/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/p0dalirius","download_url":"https://codeload.github.com/p0dalirius/p0dalirius/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/p0dalirius%2Fp0dalirius/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279127040,"owners_count":26109526,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-15T02:00:07.814Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["config","github-config"],"created_at":"2024-10-29T20:17:49.455Z","updated_at":"2025-10-15T23:21:07.239Z","avatar_url":"https://github.com/p0dalirius.png","language":null,"funding_links":["https://github.com/sponsors/p0dalirius","https://patreon.com/Podalirius","https://www.github.com/sponsors/p0dalirius","https://www.patreon.com/podalirius"],"categories":[],"sub_categories":[],"readme":"![](./.github/assets/banner.png)\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://raw.githubusercontent.com/p0dalirius/p0dalirius/main/.github/assets/bar-follow-me-on.png\"\u003e\n \u003cbr\u003e\n \u003ca href=\"https://twitter.com/intent/follow?screen_name=podalirius_\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/p0dalirius/p0dalirius/main/.github/assets/twitter.png\" width=\"24%\" height=\"24%\"\u003e\u003c/a\u003e\n \u003ca href=\"https://www.youtube.com/c/Podalirius_?sub_confirmation=1\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/p0dalirius/p0dalirius/main/.github/assets/youtube.png\" width=\"24%\" height=\"24%\"\u003e\u003c/a\u003e\n \u003ca href=\"https://www.linkedin.com/in/remigascou/\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/p0dalirius/p0dalirius/main/.github/assets/linkedin.png\" width=\"24%\" height=\"24%\"\u003e\u003c/a\u003e\n \u003ca href=\"https://infosec.exchange/@podalirius\"\u003e\u003cimg src=\"https://raw.githubusercontent.com/p0dalirius/p0dalirius/main/.github/assets/mastodon.png\" width=\"24%\" height=\"24%\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\nI'm a Senior Security Researcher at [Specter Ops](https://specterops.io/) and [Microsoft MVP in Security](https://mvp.microsoft.com/fr-FR/MVP/profile/74f43269-95fb-ed11-8f6d-000d3a560942). I specialize in finding vulnerabilities in various environments, including Windows, Active Directory, and web applications. With a passion for tinkering with undefined behaviors in computers, I have published 116 open-source security tools so far, and there are many more to come! šŸ„³\n\nIf any of my tools have been helpful to you, please consider sponsoring my work. Sponsorship will support the costs of my projects, including server expenses, mainframe restoration, and research materials. You can support me through GitHub Sponsors [https://www.github.com/sponsors/p0dalirius](https://www.github.com/sponsors/p0dalirius) or through Patreon: [https://www.patreon.com/podalirius](https://www.patreon.com/podalirius)\n\nAs part of my dedication to security, I actively report vulnerabilities I discover. To date, I have reported and responsibly disclosed 10 security vulnerabilities found in the wild. I have also received 6 CVEs ([CVE-2020-16147](https://podalirius.net/en/cves/2020-16147/), [CVE-2020-16148](https://podalirius.net/en/cves/2020-16148/), [CVE-2021-43008](https://podalirius.net/en/cves/2021-43008/), [CVE-2022-26159](https://podalirius.net/en/cves/2022-26159/), [CVE-2022-29710](https://podalirius.net/en/cves/2022-29710/), [CVE-2022-30780](https://podalirius.net/en/cves/2022-30780/)).\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https:/.github/assets-profile-trophy.vercel.app/?username=p0dalirius\u0026row=1\"\u003e\n\u003c/p\u003e\n\n\u003c!-- my-badges start --\u003e\n\u003ca href=\"my-badges/a-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/a-commit.png\" alt=\"One of my commit sha starts with \u0026quot;a\u0026quot;.\" title=\"One of my commit sha starts with \u0026quot;a\u0026quot;.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/ab-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/ab-commit.png\" alt=\"One of my commit sha starts with \u0026quot;ab\u0026quot;.\" title=\"One of my commit sha starts with \u0026quot;ab\u0026quot;.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-100.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-100.png\" alt=\"I collected 100 stars.\" title=\"I collected 100 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-500.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-500.png\" alt=\"I collected 500 stars.\" title=\"I collected 500 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-1000.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-1000.png\" alt=\"I collected 1000 stars.\" title=\"I collected 1000 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-2000.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-2000.png\" alt=\"I collected 2000 stars.\" title=\"I collected 2000 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-5000.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-5000.png\" alt=\"I collected 5000 stars.\" title=\"I collected 5000 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/stars-10000.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/stars-10000.png\" alt=\"I collected 10000 stars.\" title=\"I collected 10000 stars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/sleepy-coder.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/sleepy-coder.png\" alt=\"I am a sleepy coder.\" title=\"I am a sleepy coder.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/morning-commits.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/morning-commits.png\" alt=\"I commit in the morning.\" title=\"I commit in the morning.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/evening-commits.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/evening-commits.png\" alt=\"I commit in the evening.\" title=\"I commit in the evening.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/dead-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/dead-commit.png\" alt=\"I pushed a commit with \u0026quot;dead\u0026quot; 2 times.\" title=\"I pushed a commit with \u0026quot;dead\u0026quot; 2 times.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/mass-delete-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/mass-delete-commit.png\" alt=\"When I delete code, I delete a lot.\" title=\"When I delete code, I delete a lot.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/mass-delete-commit-10k.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/mass-delete-commit-10k.png\" alt=\"When I delete code, I delete a lot.\" title=\"When I delete code, I delete a lot.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/fix-2.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/fix-2.png\" alt=\"I did 2 sequential fixes.\" title=\"I did 2 sequential fixes.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/fix-6.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/fix-6.png\" alt=\"I did 6 sequential fixes.\" title=\"I did 6 sequential fixes.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/fix-3.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/fix-3.png\" alt=\"I did 3 sequential fixes.\" title=\"I did 3 sequential fixes.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/fix-4.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/fix-4.png\" alt=\"I did 4 sequential fixes.\" title=\"I did 4 sequential fixes.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/fix-6+.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/fix-6+.png\" alt=\"I did 7 sequential fixes.\" title=\"I did 7 sequential fixes.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/pr-collaboration-5.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/pr-collaboration-5.png\" alt=\"I have participated in pull requests with 5 or more people\" title=\"I have participated in pull requests with 5 or more people\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/pr-collaboration-10.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/pr-collaboration-10.png\" alt=\"I have participated in pull requests with 10 or more people\" title=\"I have participated in pull requests with 10 or more people\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/pr-collaboration-15.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/pr-collaboration-15.png\" alt=\"I have participated in pull requests with 15 or more people\" title=\"I have participated in pull requests with 15 or more people\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/the-ultimate-question.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/the-ultimate-question.png\" alt=\"I found the answer to the ultimate question of life, the universe, and everything!\" title=\"I found the answer to the ultimate question of life, the universe, and everything!\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/favorite-word.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/favorite-word.png\" alt=\"My favorite word is \u0026quot;added\u0026quot;.\" title=\"My favorite word is \u0026quot;added\u0026quot;.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/polite-coder.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/polite-coder.png\" alt=\"I am a polite coder.\" title=\"I am a polite coder.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/cafe-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/cafe-commit.png\" alt=\"I pushed a commit with \u0026quot;cafe\u0026quot; 5 times.\" title=\"I pushed a commit with \u0026quot;cafe\u0026quot; 5 times.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/epic-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/epic-commit.png\" alt=\"I made an epic commit with a message over 500 chars.\" title=\"I made an epic commit with a message over 500 chars.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/spooky-commit.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/spooky-commit.png\" alt=\"I committed on the Halloween! Boo!\" title=\"I committed on the Halloween! Boo!\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/self-upvote.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/self-upvote.png\" alt=\"I liked my own comment so much that I upvoted it.\" title=\"I liked my own comment so much that I upvoted it.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/self-star.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/self-star.png\" alt=\"I\u0026apos;ve starred 109 my own repositories.\" title=\"I\u0026apos;ve starred 109 my own repositories.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/friday-13.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/friday-13.png\" alt=\"I committed on Friday the 13th, Oneā€¦ By Oneā€¦\" title=\"I committed on Friday the 13th, Oneā€¦ By Oneā€¦\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/midnight-commits.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/midnight-commits.png\" alt=\"I commit at midnight.\" title=\"I commit at midnight.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/this-is-fine.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/this-is-fine.png\" alt=\"I merged a PR with failing checks\" title=\"I merged a PR with failing checks\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/summer-solstice-commits.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/summer-solstice-commits.png\" alt=\"I commit in the Summer solstice.\" title=\"I commit in the Summer solstice.\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/public-keys-2.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/public-keys-2.png\" alt=\"I have two public keys\" title=\"I have two public keys\" width=\"64\"\u003e\u003c/a\u003e\n\u003ca href=\"my-badges/programmers-day.md\"\u003e\u003cimg src=\"https://my-badges.github.io/my-badges/programmers-day.png\" alt=\"Happy Programmers Day! I committed on a 256 Day of Year!\" title=\"Happy Programmers Day! I committed on a 256 Day of Year!\" width=\"64\"\u003e\u003c/a\u003e\n\u003c!-- my-badges end --\u003e\n\n---\n\n## Summary of my tools\n\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eActive Directory tools\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/AccountShadowTakeover\"\u003eAccountShadowTakeover\u003c/a\u003e: A python script to automatically add a KeyCredentialLink to newly created users, by quickly connecting to them with default credentials.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Coercer\"\u003eCoercer\u003c/a\u003e: A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/DomainUsersToXLSX\"\u003eDomainUsersToXLSX\u003c/a\u003e: Extract all users from an Active Directory domain to an Excel worksheet.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/DumpSMBShare\"\u003eDumpSMBShare\u003c/a\u003e: A script to dump files and folders remotely from a Windows SMB share.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ExtractBitlockerKeys\"\u003eExtractBitlockerKeys\u003c/a\u003e: A post-exploitation python script to automatically extract the bitlocker recovery keys from a domain. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/FindUncommonShares\"\u003eFindUncommonShares\u003c/a\u003e: A Python tool allowing to quickly find uncommon shares in vast Windows Domains.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/GeoWordlists\"\u003eGeoWordlists\u003c/a\u003e: GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ldap2json\"\u003eldap2json\u003c/a\u003e: The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ldapconsole\"\u003eldapconsole\u003c/a\u003e: The ldapconsole script allows you to perform custom LDAP requests to a Windows domain.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/LDAPmonitor\"\u003eLDAPmonitor\u003c/a\u003e: Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/LDAPWordlistHarvester\"\u003eLDAPWordlistHarvester\u003c/a\u003e: A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/MSRPRN-Coerce\"\u003eMSRPRN-Coerce\u003c/a\u003e: A python script to force authentification using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 69).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/pydsinternals\"\u003epydsinternals\u003c/a\u003e: A Python native library containing necessary classes, functions and structures to interact with Windows Active Directory. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/pyLAPS\"\u003epyLAPS\u003c/a\u003e: Python setter/getter for property ms-Mcs-AdmPwd used by LAPS.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/TargetAllDomainObjects\"\u003eTargetAllDomainObjects\u003c/a\u003e: A python wrapper to run a command on against all users/computers/DCs of a Windows Domain.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\u003c!-- --\u003e\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eWeb exploitation tools\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ApacheTomcatScanner\"\u003eApacheTomcatScanner\u003c/a\u003e: A python script to scan for Apache Tomcat server vulnerabilities. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Awesome-RCE-techniques\"\u003eAwesome-RCE-techniques\u003c/a\u003e: Awesome list of techniques to achieve Remote Code Execution on various apps!\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/crawlersuseragents\"\u003ecrawlersuseragents\u003c/a\u003e: Python script to check if there is any differences in responses of an application when the request comes from a search engine\u0026#39;s crawler.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CodeIgniter-session-unsign\"\u003eCodeIgniter-session-unsign\u003c/a\u003e: Command line tool to fetch, decode and brute-force CodeIgniter session cookies by guessing and bruteforcing secret keys.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/FindAzureDomainTenant\"\u003eFindAzureDomainTenant\u003c/a\u003e: A Python script to find tenant id an region from a list of domain names. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/http-fuzzing-scripts\"\u003ehttp-fuzzing-scripts\u003c/a\u003e: A collection of http fuzzing python scripts to fuzz HTTP servers for bugs. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ipsourcebypass\"\u003eipsourcebypass\u003c/a\u003e: This Python script can be used to bypass IP source restrictions using HTTP headers. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Joomla-1.6-1.7-2.5-Privilege-Escalation-Vulnerability\"\u003eJoomla-1.6-1.7-2.5-Privilege-Escalation-Vulnerability\u003c/a\u003e: A Python script to create an administrator account on Joomla! 1.6/1.7/2.5 using a privilege escalation vulnerability.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/LFIDump\"\u003eLFIDump\u003c/a\u003e: A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/LootApacheServerStatus\"\u003eLootApacheServerStatus\u003c/a\u003e: A script to automatically dump all URLs present in /server-status to a file locally.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/mercurial-scm-extract\"\u003emercurial-scm-extract\u003c/a\u003e: A tool to extract and dump files of mercurial SCM exposed on a web server.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/owabrute\"\u003eowabrute\u003c/a\u003e: Hydra wrapper for bruteforcing Microsoft Outlook Web Application. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/RDWArecon\"\u003eRDWArecon\u003c/a\u003e: A python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/robotstester\"\u003erobotstester\u003c/a\u003e: This Python script can enumerate all URLs present in robots.txt files, and test whether they can be accessed or not.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/robotsvalidator\"\u003erobotsvalidator\u003c/a\u003e: The robotsvalidator script allows you to check if URLs are allowed or disallowed by a robots.txt file. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/TimeBasedLoginUserEnum\"\u003eTimeBasedLoginUserEnum\u003c/a\u003e: A script to enumerate valid usernames based on the requests response times.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/webapp-wordlists\"\u003ewebapp-wordlists\u003c/a\u003e: This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eWeb shells\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/JoGet-plugin-webshell\"\u003eJoGet-plugin-webshell\u003c/a\u003e: A webshell plugin and interactive shell for pentesting JoGet application.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/LimeSurvey-plugin-webshell\"\u003eLimeSurvey-plugin-webshell\u003c/a\u003e: A webshell plugin and interactive shell for pentesting JoGet application. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Moodle-webshell-plugin\"\u003eMoodle-webshell-plugin\u003c/a\u003e: A webshell plugin and interactive shell for pentesting a Moodle instance.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Tomcat-application-webshell\"\u003eTomcat-application-webshell\u003c/a\u003e: A webshell application and interactive shell for pentesting Apache Tomcat servers. \u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\n\u003c!-- --\u003e\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eVulnerability exploits\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/RemoteMouse-3.008-Exploit\"\u003eRemoteMouse-3.008-Exploit\u003c/a\u003e: This exploit allows to connect to the remote RemoteMouse 3.008 service to virtually press arbitrary keys and execute code on the machine. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2016-10956-mail-masta\"\u003eCVE-2016-10956-mail-masta\u003c/a\u003e: MailMasta wordpress plugin Local File Inclusion vulnerability (CVE-2016-10956).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce\"\u003eCVE-2020-14144-GiTea-git-hooks-rce\u003c/a\u003e: A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/AdminerRead\"\u003eCVE-2021-43008-AdminerRead\u003c/a\u003e: Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2022-21907-http.sys\"\u003eCVE-2022-21907-http.sys\u003c/a\u003e: Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML\"\u003eCVE-2022-26159-Ametys-Autocompletion-XML\u003c/a\u003e: A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service\"\u003eCVE-2022-30780-lighttpd-denial-of-service\u003c/a\u003e: CVE-2022-30780 - lighttpd remote denial of service \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE\"\u003eCVE-2022-36446-Webmin-Software-Package-Updates-RCE\u003c/a\u003e: A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin \u0026lt; 1.997.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eWindows\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/pdbdownload\"\u003epdbdownload\u003c/a\u003e: A Python script to download PDB files associated with a Portable Executable (PE).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/hivetools\"\u003ehivetools\u003c/a\u003e: A collection of python scripts to work with Windows Hives. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/msFlagsDecoder\"\u003emsFlagsDecoder\u003c/a\u003e: Decode the values of common Windows properties such as userAccountControl and sAMAccountType.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/MSSQL-Analysis-Coerce\"\u003eMSSQL-Analysis-Coerce\u003c/a\u003e: A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/OffensiveBatchScripts\"\u003eOffensiveBatchScripts\u003c/a\u003e: Offensive batch scripts.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/SortPEbyVersions\"\u003eSortPEbyVersions\u003c/a\u003e: A Python script to sort Portable Executable (PE) files by their version and download debug symbols if existing. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/SortWindowsISOs\"\u003eSortWindowsISOs\u003c/a\u003e: Extract the windows major and minor build numbers from an ISO file, and automatically sort the iso files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/win32errorcodes\"\u003ewin32errorcodes\u003c/a\u003e: A small C/C++ library to lookup Windows error codes. \u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\u003c!-- --\u003e\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eData \u0026 Researches\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/DescribeNTSecurityDescriptor\"\u003eDescribeNTSecurityDescriptor\u003c/a\u003e: A python tool to parse and describe the contents of a raw ntSecurityDescriptor structure. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/linux-kernels\"\u003elinux-kernels\u003c/a\u003e: List of linux kernel versions in JSON.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/microsoft-rpc-fuzzing-tools\"\u003emicrosoft-rpc-fuzzing-tools\u003c/a\u003e: This repository contains a list of python scripts to work with Microsoft RPC for research purposes. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/volatility3-symbols\"\u003evolatility3-symbols\u003c/a\u003e: Memory mapping profiles for forensic analysis using volatility 3.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/volatility2docker\"\u003evolatility2docker\u003c/a\u003e: A volatility 2 docker for forensic investigations.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/volatility2-profiles\"\u003evolatility2-profiles\u003c/a\u003e: Memory mapping profiles for forensic analysis using volatility 2.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/WindowsBuilds\"\u003eWindowsBuilds\u003c/a\u003e: This repository contains the list of windows builds as parsable JSON files.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/windows-coerced-authentication-methods\"\u003ewindows-coerced-authentication-methods\u003c/a\u003e: A list of methods to coerce a windows machine to authenticate to an attacker-controlled machine through a Remote Procedure Call (RPC) with various protocols. \u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\n\n\u003cdetails open\u003e\u003csummary\u003e\u003ch3\u003eOther\u003c/h3\u003e\u003c/summary\u003e\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Argon2Cracker\"\u003eArgon2Cracker\u003c/a\u003e: A multithreaded bruteforcer of argon2 hashes.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ctfd-parser\"\u003ectfd-parser\u003c/a\u003e: A python script to dump all the challenges locally of a CTFd-based Capture the Flag.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/CpuCoresTemperatureGraph\"\u003eCpuCoresTemperatureGraph\u003c/a\u003e: A python tool to print CPU core temperatures for each cores.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/factorizator\"\u003efactorizator\u003c/a\u003e: A script to factorize integers with sagemath and factordb. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/GetFortinetSerialNumber\"\u003eGetFortinetSerialNumber\u003c/a\u003e: A Python script to extract the serial number of a remote Fortinet device.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/GithubBackupAllRepos\"\u003eGithubBackupAllRepos\u003c/a\u003e: A Python script to backup all repos (public or private) of a user.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/Hashes-Harvester\"\u003eHashes-Harvester\u003c/a\u003e: Automatically extracts NTLM hashes from Windows memory dumps.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/hexcat\"\u003ehexcat\u003c/a\u003e: A tool to show only printable characters of a file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/objectwalker\"\u003eobjectwalker\u003c/a\u003e: A python module to explore the object tree to extract paths to interesting objects in memory.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/ParseFortinetSerialNumber\"\u003eParseFortinetSerialNumber\u003c/a\u003e: A Python script to parse Fortinet products serial numbers, and detect the associated model and version.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/python_packages_paths\"\u003epython_packages_paths\u003c/a\u003e: This repository contains paths to python modules from inside python modules.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/pwndocapi\"\u003epwndocapi\u003c/a\u003e: A python library to interact with Pwndoc instances for pentest reports generation.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/pdsimage-downloader\"\u003epdsimage-downloader\u003c/a\u003e: A python script to filter by filename and download PDS images. \u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/streamableDownloader\"\u003estreamableDownloader\u003c/a\u003e: A simple python script to download videos hosted on streamable from their link.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/wav2mmv\"\u003ewav2mmv\u003c/a\u003e: WAV to MMV converter. You can then use the MMV file in input of MSSTV to decode Slow Scan Television (SSTV) sound signals.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.github.com/p0dalirius/WifiListProbeRequests\"\u003eWifiListProbeRequests\u003c/a\u003e: Monitor 802.11 probe requests from a capture file or network sniffing!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fp0dalirius%2Fp0dalirius","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fp0dalirius%2Fp0dalirius","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fp0dalirius%2Fp0dalirius/lists"}