Andy | ZephrFish's repositories
CVE-2020-16898
HoneyPoC 2.0: Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).
NessusPreFlight
Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to scan a machine
cve-2020-1351
Bash Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2003 up to Windows Server 2019.
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
nmap-summariser
another nmap summarising script
GoogD0rker
Note: Going through a full re-write of the tooling so the current versions in the repo do not work!
CoverStory
A cover story generator for people who Need Quick Covers On Operations
cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
Random-Yara-Rules
A collection of yara rules I've gathered over the years :-)
ASREPRoast
Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.
PS-Scripts
Useful scripts for labs
msf-autoshell
Feed the tool a .nessus file and it will automatically get you MSF shell
Mailgun-python
Python Wrapper for sending email with mailgun
subscraper
External pentest tool that performs subdomain enumeration through various techniques. In addition, SubScraper will provide information such as HTTP & DNS lookups to aid in potential next steps.
XSSPayloads
Cross Site Scripting Payloads -- Variations
commonspeak2-wordlists
Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.