diff --git a/fish_functions/get_column_names.fish b/fish_functions/get_column_names.fish
new file mode 100644
index 0000000..333c475
--- /dev/null
+++ b/fish_functions/get_column_names.fish
@@ -0,0 +1,25 @@
+function get_db_columns
+      set user $argv[1]
+      set password $argv[2]
+      set server $argv[3]
+      echo "1.) sql auth"
+      echo "2.) windows auth"
+      read auth_type
+      if test $auth_type = 1
+          set netexec_cmd "proxychains -q netexec mssql $server -u $user -p $password --local-auth"
+      else
+          set netexec_cmd "proxychains -q netexec mssql $server -u $user -p $password"
+      end
+      mkdir $server
+      eval "$netexec_cmd -q \"SELECT name FROM master.sys.databases\"" | tee ./$server/raw_dbs.txt
+      cat ./$server/raw_dbs.txt | grep "name:" | cut -d ":" -f 2 | tee ./$server/dbs.txt 
+      for db in $(cat ./$server/dbs.txt)
+                mkdir ./$server/$db
+                eval "$netexec_cmd -q \"use $db; SELECT table_name FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE='BASE TABLE'\"" | tee ./$server/$db/raw_tables.txt
+                for table in $(cat ./$server/$db/raw_tables.txt | grep table_name | cut -d ":" -f 2)
+                        mkdir ./$server/$db/$table
+                        eval "$netexec_cmd -q \"use $db; SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = '$table'\"" | tee ./$server/$db/$table/raw_columns.txt
+                        cat ./$server/$db/$table/raw_columns.txt | grep "COLUMN_NAME" | cut -d ":" -f 2 | tee ./$server/$db/$table/column_names.txt
+                    end
+            end
+  end