I'm a Security french Researcher publishing opensource security tools to test for vulnerabilities on many environments. I truly love to tinker with undefined behaviors in computers, mostly in Windows, Active Directory and various web apps. I've publicly released 70 projects and tools so far, and I'm planning to publish many more! 🥳
If any of my tools helped you, please consider sponsoring my work! Sponsorship will help me cover the costs of my projects (server costs, mainframe restoration, buying books on a research subject ...).
I'm also constantly reporting security vulnerabilities found everywhere. I currently have reported 10 of security vulnerabilities found in the wild (see responsible disclosures) and got 6 CVEs (CVE-2020-16147, CVE-2020-16148, CVE-2021-43008, CVE-2022-26159, CVE-2022-29710, CVE-2022-30780) + 2 waiting for release
Featured work
-
p0dalirius/Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
Dockerfile 1,851 -
p0dalirius/Coercer
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Python 1,810 -
p0dalirius/LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
C# 841 -
p0dalirius/webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
-
p0dalirius/ipsourcebypass
This Python script can be used to bypass IP source restrictions using HTTP headers.
Python 380 -
p0dalirius/pyFindUncommonShares
FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE accesses.
Python 391