ly4k
Security Researcher
Funding Links: https://github.com/sponsors/ly4k
- Name: Oliver Lyak
- Location: Copenhagen, Denmark
- Company: IFCR
- Kind: user
- Followers: 1562
- Following: 0
- Total stars: 8128
- Repositories count: 15
- Created at: 2022-11-15T05:42:55.206Z
- Updated at: 2025-05-11T00:39:39.269Z
- Last synced at: 2025-05-11T00:39:39.269Z
GitHub Sponsors Profile
Hi, I'm Oliver Lyak, a penetration tester and security researcher from Denmark with a focus on enterprise and cloud security.
I'm the author of Certipy, an open-source tool designed to help audit and exploit Active Directory Certificate Services (AD CS). It's used by both red and blue teams to better understand and secure complex AD CS environments. Over the years, I've also reported more than 15 vulnerabilities across Windows, Active Directory, and Azure - ranging from privilege escalation to Azure account takeover scenarios. Some of these were patched quietly, while others resulted in public CVEs like "Certifried" (CVE-2022-26923) and "SpoolFool" (CVE-2022-21999).
In addition to original research, I've released several exploitation techniques and proof-of-concepts - like the first public PoCs for CurveBall, SMBGhost, CallbackHell, and BlueGate, and published the Pass-the-Challenge technique. I've also contributed improved versions of known exploits, such as PwnKit, PetitPotam, and PrintNightmare.
Right now, I'm working on a new tool for Microsoft cloud security assessments - focused on usability and built with a graphical interface. The goal is to make cloud-focused security testing more accessible and effective.
Most of my work is open-source because I believe in sharing knowledge and helping others. But research and development take time and resources - testing infrastructure, cloud environments, CI/CD pipelines, licensing, and so on. Sponsorship helps cover these costs and allows me to keep improving existing tools and explore new ideas. Sponsors are by default credited in the Certipy README and on the PyPI page as a small thank-you.
If you've found any of my tools, techniques, or research helpful, I'd really appreciate your support. Whether you choose to sponsor, share feedback, or simply make use of the work - that involvement means a lot to me.
- Current Sponsors: 2
- Past Sponsors: 1
- Total Sponsors: 3
- Minimum Sponsorship: $5.00
Featured Works
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
Language: Python - Stars: 2742
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
Language: Python - Stars: 14281
ly4k/CurveBall
PoC for CVE-2020-0601 - Windows CryptoAPI (Crypt32.dll)
Language: Ruby - Stars: 890
ly4k/PwnKit
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation
Language: C - Stars: 1149
ly4k/SpoolFool
Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)
Language: C# - Stars: 788
ly4k/PassTheChallenge
Recovering NTLM hashes from Credential Guard
Language: C - Stars: 336
Active Sponsors
Past Sponsors
Sponsor Breakdown
- User: 4