Andy | ZephrFish's repositories
WindowsHardeningScript
Some settings stolen from multiple scripts @ZephrFish
RandomScripts
Random Shell Scripts and other ideas I have along the way
AutoHoneyPoC
AutoPoC Generator HoneyPoC
ADFSDump-PS
PowerShell Implementation of ADFSDump to assist with GoldenSAML
DynamicMSBuilder
A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
ChunkyIngress
Leverages B64 chunks to split files and save to clipboard
HelloJackHunter
Research into WinSxS binaries and finding hijackable paths
CVE-2023-34362
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
SandboxSpy
Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them back in a Base32 string over HTTP to an endpoint.
CVE-2024-4577-PHP-RCE
PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template
NotProxyShellScanner
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082
WebSocketsAreFun
FAFO with WebSockets
zephrfish.github.io
zsec backup blog
CVE-2024-3400-Canary
Have we not learnt from HoneyPoC?
DLL-Exports-Reverse-Proxy-Gen
A simple python tool to generate a a header file of correctly formatted DLL export function forwards for all functions exported by the target DLL.
Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
allthewayback
Search the Wayback Machine for specific historical files which may contain sensitive data.
C-from-Scratch
A roadmap to learn C from Scratch
GOAD
game of active directory but on Windows
IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
Spartacus
Spartacus DLL/COM Hijacking Toolkit