Andy Gill
@zephrfish.yxz.red
Defcon goon, Adversarial Architect. Photography, Driving, Blog and general purveyor of chaos. Metal/DnB Fan
Made a thing, mucking about with python and a LDAP browser concept to ingest straight into BloodHound but also just a nice alternative to ADExplorer with fewer LDAP queries, simple LDAP browser using PyQt as a GUI and neo4j-driver to ingest into BH. github.com/ZephrFish/py... #bloodhound #redteam
GitHub - ZephrFish/pyLDAPGui: Python based GUI for browsing LDAP
Python based GUI for browsing LDAP. Contribute to ZephrFish/pyLDAPGui development by creating an account on GitHub.
github.com
September 13, 2025 at 11:31 AM
Made a thing, mucking about with python and a LDAP browser concept to ingest straight into BloodHound but also just a nice alternative to ADExplorer with fewer LDAP queries, simple LDAP browser using PyQt as a GUI and neo4j-driver to ingest into BH. github.com/ZephrFish/py... #bloodhound #redteam
Reposted by Andy Gill
Weekends are for random projects Here is a blog post all around Kerberos errors and a bonus interactive app built in collaboration with @thecontractor.io Errorism Index for Kerberos blog.zsec.uk/common-tool-... kerberos.errorism.io
Common Tool Errors - Kerberos
So you are performing your favourite kerberos attacks, such as pass the ticket, Public Key Cryptography for Initial Authentication (PKINIT), Shadow Credentials or Active Directory Certificate Services...
blog.zsec.uk
April 27, 2025 at 1:43 PM
Weekends are for random projects Here is a blog post all around Kerberos errors and a bonus interactive app built in collaboration with @thecontractor.io Errorism Index for Kerberos blog.zsec.uk/common-tool-... kerberos.errorism.io
Weekends are for random projects Here is a blog post all around Kerberos errors and a bonus interactive app built in collaboration with @thecontractor.io Errorism Index for Kerberos blog.zsec.uk/common-tool-... kerberos.errorism.io
Common Tool Errors - Kerberos
So you are performing your favourite kerberos attacks, such as pass the ticket, Public Key Cryptography for Initial Authentication (PKINIT), Shadow Credentials or Active Directory Certificate Services...
blog.zsec.uk
April 27, 2025 at 1:43 PM
Weekends are for random projects Here is a blog post all around Kerberos errors and a bonus interactive app built in collaboration with @thecontractor.io Errorism Index for Kerberos blog.zsec.uk/common-tool-... kerberos.errorism.io
Should probably start writing my talk then
First round of talk emails have just gone out. We had over 40 submissions for 18 slots so unfortunately have had to reject over half of them.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
April 24, 2025 at 12:49 PM
Should probably start writing my talk then
Reposted by Andy Gill
First round of talk emails have just gone out. We had over 40 submissions for 18 slots so unfortunately have had to reject over half of them.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
April 24, 2025 at 11:02 AM
First round of talk emails have just gone out. We had over 40 submissions for 18 slots so unfortunately have had to reject over half of them.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
If you haven't had an email yet, please hang on, more will be sent out shortly as we finalise other things.
A thousand sunsets and each one will differ slightly
April 12, 2025 at 9:34 PM
A thousand sunsets and each one will differ slightly
Reposted by Andy Gill
Elbows up, Canada.
March 22, 2025 at 10:11 PM
Elbows up, Canada.
Want a nice Sunday hack? The function that android has had for years but a nice to have on iPhone, estimated minutes to charge.
March 23, 2025 at 11:24 AM
Want a nice Sunday hack? The function that android has had for years but a nice to have on iPhone, estimated minutes to charge.
There we go submitted a thing
March 16, 2025 at 11:31 AM
There we go submitted a thing
Sign it nerds you.38degrees.org.uk/petitions/ke...
Keep our Apple data encrypted
It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has upload to the cloud.
Encryption keeps...
you.38degrees.org.uk
March 12, 2025 at 3:19 PM
Sign it nerds you.38degrees.org.uk/petitions/ke...
Reposted by Andy Gill
Here's RepoMan, a proof of concept surrounding git commit poisoning. The blog post dives a little deeper into how it all works and the rationale behind it.
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit hist...
blog.zsec.uk
March 9, 2025 at 2:18 PM
Here's RepoMan, a proof of concept surrounding git commit poisoning. The blog post dives a little deeper into how it all works and the rationale behind it.
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
Here's RepoMan, a proof of concept surrounding git commit poisoning. The blog post dives a little deeper into how it all works and the rationale behind it.
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit hist...
blog.zsec.uk
March 9, 2025 at 2:18 PM
Here's RepoMan, a proof of concept surrounding git commit poisoning. The blog post dives a little deeper into how it all works and the rationale behind it.
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
blog.zsec.uk/navigating-a...
github.com/ZephrFish/Re...
Finally got around to finishing the series here's part 3 of my NUC stack series blog.zsec.uk/homelab-clus...
March 2, 2025 at 8:48 AM
Finally got around to finishing the series here's part 3 of my NUC stack series blog.zsec.uk/homelab-clus...
Better to be a warrior in a garden than a gardener in a war
March 2, 2025 at 12:59 AM
Better to be a warrior in a garden than a gardener in a war
Following up on my talk, I mentioned if you wanted to get my books for free, you could probably find them on Google; well, there's no need. I've set the bundle on leanpub for the ebook to $0.00, aka free, so you can get a copy of both LTR101 and LTR102!
leanpub.com/b/LearningTh...
#SecuriTay2025
leanpub.com/b/LearningTh...
#SecuriTay2025
March 1, 2025 at 8:09 PM
Following up on my talk, I mentioned if you wanted to get my books for free, you could probably find them on Google; well, there's no need. I've set the bundle on leanpub for the ebook to $0.00, aka free, so you can get a copy of both LTR101 and LTR102!
leanpub.com/b/LearningTh...
#SecuriTay2025
leanpub.com/b/LearningTh...
#SecuriTay2025
Dundee I have arrived 👋🏻
February 27, 2025 at 5:52 PM
Dundee I have arrived 👋🏻
Got a busy few months ahead but I will eventually finish the NUC series! If you missed the first two parts they're here:
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
(Re)Building the Ultimate Homelab NUC Cluster - Part 1
Explore my blog series on building a NUC cluster with Proxmox! Learn about connecting hosts, setting up tools, and avoiding pitfalls from my own build mistakes. Perfect for anyone keen on creating a h...
blog.zsec.uk
February 27, 2025 at 11:03 AM
Got a busy few months ahead but I will eventually finish the NUC series! If you missed the first two parts they're here:
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
blog.zsec.uk/homelab-clus...
Slides are done for SecuriTay and talk will be tomorrow afternoon on track 1, come along and listen to "Think Like an Adversary" designed to show both sides of the coin what a real world attack looks like and where the detection opportunities exist
February 27, 2025 at 8:35 AM
Slides are done for SecuriTay and talk will be tomorrow afternoon on track 1, come along and listen to "Think Like an Adversary" designed to show both sides of the coin what a real world attack looks like and where the detection opportunities exist
As I slowly ease back into using socials I think I'm going to fully move off of Twitter and keep my account locked but rather post on here. If you followed me from Twitter hello again! But if you're new here, welcome! I post a mix of photography, hacks, rants and everything in between 🤘🏻
February 27, 2025 at 8:34 AM
As I slowly ease back into using socials I think I'm going to fully move off of Twitter and keep my account locked but rather post on here. If you followed me from Twitter hello again! But if you're new here, welcome! I post a mix of photography, hacks, rants and everything in between 🤘🏻
12 years ago I went to see You Me At Six, and in 5 weeks time I'll see them again at their final gig in Glasgow🥲
February 16, 2025 at 7:12 PM
12 years ago I went to see You Me At Six, and in 5 weeks time I'll see them again at their final gig in Glasgow🥲
I’m a fucking morning person on the weekends but not the week, why brain
February 2, 2025 at 11:06 AM
I’m a fucking morning person on the weekends but not the week, why brain
Scotland get your coat
January 11, 2025 at 3:40 AM
Scotland get your coat