{"id":28501127,"url":"https://github.com/themanticoreproject/findgpppasswords","last_synced_at":"2025-07-04T12:30:54.345Z","repository":{"id":279480925,"uuid":"865172975","full_name":"TheManticoreProject/FindGPPPasswords","owner":"TheManticoreProject","description":"A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts","archived":false,"fork":false,"pushed_at":"2025-06-29T13:59:38.000Z","size":1052,"stargazers_count":157,"open_issues_count":0,"forks_count":20,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-06-29T14:15:17.573Z","etag":null,"topics":["active-directory","aes","decrypt","find","gpppasswords","windows"],"latest_commit_sha":null,"homepage":"https://themanticoreproject.com/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TheManticoreProject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"TheManticoreProject"}},"created_at":"2024-09-30T05:26:51.000Z","updated_at":"2025-06-29T13:59:42.000Z","dependencies_parsed_at":"2025-04-14T09:36:48.880Z","dependency_job_id":"d4d64269-ad7b-4d58-80fb-e226008da163","html_url":"https://github.com/TheManticoreProject/FindGPPPasswords","commit_stats":null,"previous_names":["p0dalirius/findgpppasswords","themanticoreproject/findgpppasswords"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/TheManticoreProject/FindGPPPasswords","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheManticoreProject%2FFindGPPPasswords","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheManticoreProject%2FFindGPPPasswords/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheManticoreProject%2FFindGPPPasswords/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheManticoreProject%2FFindGPPPasswords/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TheManticoreProject","download_url":"https://codeload.github.com/TheManticoreProject/FindGPPPasswords/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheManticoreProject%2FFindGPPPasswords/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263539074,"owners_count":23477454,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-directory","aes","decrypt","find","gpppasswords","windows"],"created_at":"2025-06-08T15:30:30.502Z","updated_at":"2025-07-04T12:30:54.338Z","avatar_url":"https://github.com/TheManticoreProject.png","language":"Go","funding_links":["https://github.com/sponsors/TheManticoreProject"],"categories":[],"sub_categories":[],"readme":"![](./.github/banner.png)\n\n\u003cp align=\"center\"\u003e\n    A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts.\n    \u003cbr\u003e\n    \u003ca href=\"https://github.com/TheManticoreProject/FindGPPPasswords/actions/workflows/release.yaml\" title=\"Build\"\u003e\u003cimg alt=\"Build and Release\" src=\"https://github.com/TheManticoreProject/FindGPPPasswords/actions/workflows/release.yaml/badge.svg\"\u003e\u003c/a\u003e\n    \u003cimg alt=\"GitHub release (latest by date)\" src=\"https://img.shields.io/github/v/release/TheManticoreProject/FindGPPPasswords\"\u003e\n    \u003cimg alt=\"Go Report Card\" src=\"https://goreportcard.com/badge/github.com/TheManticoreProject/FindGPPPasswords\"\u003e \n    \u003ca href=\"https://twitter.com/intent/follow?screen_name=podalirius_\" title=\"Follow\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/podalirius_?label=Podalirius\u0026style=social\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://www.youtube.com/c/Podalirius_?sub_confirmation=1\" title=\"Subscribe\"\u003e\u003cimg alt=\"YouTube Channel Subscribers\" src=\"https://img.shields.io/youtube/channel/subscribers/UCF_x5O7CSfr82AfNVTKOv_A?style=social\"\u003e\u003c/a\u003e\n    \u003cbr\u003e\n\u003c/p\u003e\n\n\n## Features\n\n - [x] Only requires a **low privileges domain user account**.\n - [x] Automatically gets the list of all domain controllers from the LDAP.\n - [x] Finds all the Group Policy Preferences Passwords present in SYSVOL share on each domain controller.\n - [x] Decrypts the passwords and prints them in cleartext.\n - [x] Outputs to a Excel file with option `--export-xlsx \u003cpath_to_xlsx_file\u003e`.\n - [x] Option to test the credentials of the found GPP passwords with the `--test-credentials` option.\n - [x] Multi-threaded mode with option `--threads \u003cnumber_of_threads\u003e`.\n\n## Demonstration\n\nBy default, the tool will only find the GPP passwords and print them in cleartext:\n\n```bash\n./FindGPPPasswords-linux-amd64 --domain \u003cdomain\u003e --username \u003cusername\u003e --password \u003cpassword\u003e\n```\n\n![](./.github/example.png)\n\nThere is also the possibility to test the credentials of the found GPP passwords with the `--test-credentials` option.\n\n```bash\n./FindGPPPasswords-linux-amd64 --test-credentials --domain \u003cdomain\u003e --username \u003cusername\u003e --password \u003cpassword\u003e\n```\n\n![](./.github/example_test_credentials.png)\n\n## Usage\n\n```              \n$ ./FindGPPPasswords -h\nFindGPPPasswords - by Remi GASCOU (Podalirius) @ TheManticoreProject - v1.2\n\nUsage: FindGPPPasswords [--quiet] [--debug] [--no-colors] [--export-xlsx \u003cstring\u003e] [--test-credentials] --domain \u003cstring\u003e --username \u003cstring\u003e [--password \u003cstring\u003e] [--hashes \u003cstring\u003e] [--threads \u003cint\u003e] [--nameserver \u003cstring\u003e] --dc-ip \u003cstring\u003e [--ldap-port \u003ctcp port\u003e] [--use-ldaps]\n\n  -q, --quiet      Show no information at all. (default: false)\n  -d, --debug      Debug mode. (default: false)\n  -nc, --no-colors No colors mode. (default: false)\n\n  Additional Options:\n    -x, --export-xlsx \u003cstring\u003e Path to output Excel file. (default: \"\")\n    -tc, --test-credentials    Test credentials. (default: false)\n\n  Authentication:\n    -d, --domain \u003cstring\u003e   Active Directory domain to authenticate to.\n    -u, --username \u003cstring\u003e User to authenticate as.\n    -p, --password \u003cstring\u003e Password to authenticate with. (default: \"\")\n    -H, --hashes \u003cstring\u003e   NT/LM hashes, format is LMhash:NThash. (default: \"\")\n    -T, --threads \u003cint\u003e     Number of threads to use. (default: 0)\n\n  DNS Settings:\n    -ns, --nameserver \u003cstring\u003e IP Address of the DNS server to use in the queries. If omitted, it will use the IP of the domain controller specified in the -dc parameter. (default: \"\")\n\n  LDAP Connection Settings:\n    -dc, --dc-ip \u003cstring\u003e       IP Address of the domain controller or KDC (Key Distribution Center) for Kerberos. If omitted, it will use the domain part (FQDN) specified in the identity parameter.\n    -lp, --ldap-port \u003ctcp port\u003e Port number to connect to LDAP server. (default: 389)\n    -L, --use-ldaps             Use LDAPS instead of LDAP. (default: false)\n\n```\n\n## Contributing\n\nPull requests are welcome. Feel free to open an issue if you want to add other features.\n\n## Credits\n  - [Remi GASCOU (Podalirius)](https://github.com/p0dalirius) for the creation of the [FindGPPPasswords](https://github.com/p0dalirius/FindGPPPasswords) project before transferring it to TheManticoreProject.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemanticoreproject%2Ffindgpppasswords","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthemanticoreproject%2Ffindgpppasswords","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthemanticoreproject%2Ffindgpppasswords/lists"}