Skip to content
Working on Computer things
Working on Computer things




  • Pro


Block or Report

Block or report ZephrFish

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

🔑 Intro:

Andy is a hacker at heart, a penetration tester and consultant who has always been interested in taking things apart and sometimes even putting them together again (in fact he spent a good few years in computer repair and data recovery).

✔️ Projects:

ZephrFish's github stats

⌨️ Blog:

I post most of my research and other interesting tutorials on my blog

📚 Book:

For those that don't know Andy, he is a strong believer in passing knowledge on and supporting the infosec community he does this by providing tutorials on his blog running his local DEF CON Chapter & has also published a book Breaking into Information Security. He also helps out at DEF CON as a SOC Goon (Red Shirt) too each year (since DC25) assisting the SOC with operations and people flow.

🎤 Talks:




🏆 Bug Bounty:

📛 Badges

Andy has been in the IT security industry for just over eight years, currently holding CREST’s CCT Infrastructure certification which is highly sought-after, in addition he holds CHECK Team Leader status. He is also a Certified Red Team Operator. To back up his years in industry he also holds several other certifications and accolades including OSCP, OSWP.


  1. Hacked together script for feeding urls into Burp's Sitemap

    Python 72 19

  2. HoneyPoC: Proof-of-Concept (PoC) script to exploit SIGRed (CVE-2020-1350). Achieves Domain Admin on Domain Controllers running Windows Server 2000 up to Windows Server 2019.

    PowerShell 266 76

  3. Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to scan a machine

    PowerShell 13 5

  4. A collection of templates for bug bounty reporting

    204 72

  5. Various Payload wordlists

    210 53

303 contributions in the last year

Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Mon Wed Fri

Contribution activity

July 2021

Created 5 repositories

Created a pull request in GKNSB/Lepus that received 1 comment

Updated slack in requirements and helper to make way for webhook urls

Updated the Slack requirements file and added changes to the imports in As slack now uses webhooks as opposed to tokens for posting…

+4 −4 1 comment
Opened 1 other pull request in 1 repository
1 open

Seeing something unexpected? Take a look at the GitHub profile guide.