Skip to content
View ZephrFish's full-sized avatar
🌐
Building tools and tradecraft to help red and blue
🌐
Building tools and tradecraft to help red and blue

Highlights

  • Pro

Organizations

@dc44141

Block or report ZephrFish

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ZephrFish/README.md

🔑 Intro:

Andy has been consulting in offensive security for over a decade, focusing on red teaming and simulated attacks with a side of threat intelligence and purple teaming. Leading engagements of varying sizes and lengths, helping grow teams and encouraging risk-driven understanding.

image

✔️ Projects:

⌨️ Blog:

I post most of my research and other interesting tutorials on my blog

📚 Book:

For those that don't know Andy, he is a firm believer in passing knowledge on and supporting the infosec community he does this by providing tutorials on his blog running his local DEF CON Chapter & has also published two books Breaking into Information Security and LTR102. He also helps out at DEF CON as a SOC Goon (Red Shirt) too each year (since DC25), assisting the SOC with operations and people flow.

🎤 Talks:

2024

2023

2022

2021

2020

2019

2018

🏆 Bug Bounty:

📛 Badges

Andy has been in the IT security industry for just over 15 years, a decade of which has been dedicated to security and offensive operations. He previously held CREST’s CCT Infrastructure certification, which is highly sought-after, and CHECK Team Leader status. In addition to his years in the industry, he holds several other certifications and accolades, including CRTO, OSCP, and OSWP.

Pinned Loading

  1. BurpFeed BurpFeed Public

    Hacked together script for feeding urls into Burp's Sitemap

    Python 92 24

  2. BugBountyTemplates BugBountyTemplates Public

    A collection of templates for bug bounty reporting

    380 91

  3. Wordlists Wordlists Public

    Various Payload wordlists

    235 65

  4. Bloodhound-CustomQueries Bloodhound-CustomQueries Public

    Custom Queries - Brought Up to BH4.1 syntax

    231 41

  5. RandomScripts RandomScripts Public

    Random Shell Scripts and other ideas I have along the way

    PowerShell 63 25

  6. AttackDeploy AttackDeploy Public

    Scripts for Deploying new server

    Shell 48 19