Andy | ZephrFish's repositories
RandomScripts
Random Shell Scripts and other ideas I have along the way
ChunkyIngress
Leverages B64 chunks to split files and save to clipboard
HelpColor
Agressor script that lists available Cobalt Strike beacon commands and colors them based on their type
CVE-2024-4577-PHP-RCE
PHP RCE PoC for CVE-2024-4577 written in bash, go, python and a nuclei template
Evilginx-Phishing-Infra-Setup
Evilginx Phishing Engagement Infrastructure Setup Guide
AutoHoneyPoC
AutoPoC Generator HoneyPoC
Spartacus
Spartacus DLL/COM Hijacking Toolkit
NotProxyShellScanner
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082
C-from-Scratch
A roadmap to learn C from Scratch
ADFSDump-PS
PowerShell Implementation of ADFSDump to assist with GoldenSAML
HelloJackHunter
Research into WinSxS binaries and finding hijackable paths
OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
zephrfish.github.io
zsec backup blog
DLL-Exports-Reverse-Proxy-Gen
A simple python tool to generate a a header file of correctly formatted DLL export function forwards for all functions exported by the target DLL.
IconJector
Unorthodox and stealthy way to inject a DLL into the explorer using icons
GOAD
game of active directory but on Windows
allthewayback
Search the Wayback Machine for specific historical files which may contain sensitive data.
SandboxSpy
Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them back in a Base32 string over HTTP to an endpoint.
CVE-2024-3400-Canary
Have we not learnt from HoneyPoC?
Burp2API
Converting your Burp Suite projects into JSON APIs
WebSocketsAreFun
FAFO with WebSockets
DynamicMSBuilder
A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation
CVE-2023-34362
CVE-2023-34362: MOVEit Transfer Unauthenticated RCE
WindowsHardeningScript
Some settings stolen from multiple scripts @ZephrFish