Security In Mind

OSCP Preparation Material

OSCP Approach
To get you started, I have divided OSCP preparation into three phases: Pre-Enrollment, Post-Enrollment
and Examination. Hope this helps!

*Basic understanding*
* Reverse and Bind Shell – https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
* Nmap – https://resources.infosecinstitute.com/nmap/#gref
* Netcat and ncat Basics – https://www.varonis.com/blog/netcat-commands/
* Metasploit – https://www.offensive-security.com/metasploit-unleashed/metasploit-fundamentals/
* Scenario Based Exploitation – Metasploit – http://www.fuzzysecurity.com/tutorials/13.html
* Certutil for File Transfer – http://carnal0wnage.attackresearch.com/2017/08/certutil-for-delivery-of-files.html
* Ways to Download a file – https://blog.netspi.com/15-ways-to-download-a-file/
* Web Application Attacks – https://kentosec.com/2018/08/12/oscp-prep-episode-9-web-app-attacks/
* Reverse Shell – http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
* One Liner Reverse shell – http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
* Different ways to get shell – https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
* Spawning a TTY shell – https://netsec.ws/?p=337
* Port Forwarding – https://www.howtoforge.com/port-forwarding-with-rinetd-on-debian-etch
* Best Enumeration – http://www.0daysecurity.com/penetration-testing/enumeration.html

*Machines*

* Kioptrix: Level 1 – https://www.vulnhub.com/entry/kioptrix-level-1-1,22/
* Kioptrix: Level 1.1 – https://www.vulnhub.com/entry/kioptrix-level-11-2,23/
* Kioptrix: Level 1.2 – https://www.vulnhub.com/entry/kioptrix-level-12-3,24/
* Kioptrix: Level 1.3 – https://www.vulnhub.com/entry/kioptrix-level-13-4,25/
* FristiLeaks: 1.3 – https://www.vulnhub.com/entry/fristileaks-13,133/
* Stapler: 1 – https://www.vulnhub.com/entry/stapler-1,150/
* PwnLab: init – https://www.vulnhub.com/entry/pwnlab-init,158/
* Mr-Robot: 1 – https://www.vulnhub.com/entry/mr-robot-1,151/

*Intermediate*

* Kioptrix: 2014 – https://www.vulnhub.com/entry/kioptrix-2014-5,62/
* Brainpan: (Buffer Overflow) – https://www.vulnhub.com/entry/brainpan-1,51/
* HackLAB: Vulnix – https://www.vulnhub.com/entry/hacklab-vulnix,48/

*Advanced*

* VulnOS: 2 – https://www.vulnhub.com/entry/vulnos-2,147/
* SickOs: 1.2 – https://www.vulnhub.com/entry/sickos-12,144/
* /dev/random: scream – https://www.vulnhub.com/entry/devrandom-scream,47/
* pWnOS: 2.0 – https://www.vulnhub.com/entry/pwnos-20-pre-release,34/
* SkyTower: 1 – https://www.vulnhub.com/entry/skytower-1,96/
* IMF – https://www.vulnhub.com/entry/imf-1,162/

*Linux Gaining Shell/Privilege Escalation*

* Gotmilk – https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
* SUID – Priv Esc – https://pentestlab.blog/category/privilege-escalation/
* SUDO – Priv Esc – https://touhidshaikh.com/blog/?p=790
* Priv Esc – SUID – https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
* Exploit – Priv Esc – https://payatu.com/guide-linux-privilege-escalation/
* Samba – https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#smb-enumeration-tools
* Using . in Path – https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/
* CronTab – https://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/
* LFI Tricks – https://sushant747.gitbooks.io/total-oscp-guide/local_file_inclusion.html
* NFS – https://www.tecmint.com/how-to-setup-nfs-server-in-linux/
* MySQL UDF Exploit – Priv Esc – https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/
* SSH authorized key – http://blog.jr0ch17.com/2018/No-RCE-then-SSH-to-the-box/
* Editing /etc/passwd file – Priv Esc – https://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/
* Understanding /etc/passwd file format – https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
* MySQL – Raptor Udf.c – https://github.com/1N3/PrivEsc/blob/master/mysql/raptor_udf.c
* MySQL UDF Exploit – https://www.facebook.com/notes/security-training-share/mysql-root-to-system-root-with-lib_mysqludf_sys-for-windows-and-linux/865458806817957/
* MSSQL to RCE – https://www.tarlogic.com/en/blog/red-team-tales-0x01/
* TFTP – https://null-byte.wonderhowto.com/how-to/hack-like-pro-using-tftp-install-malicious-software-target-0157547/

*Windows Gaining Shell/Privilege Escalation*
* Hacking & Security – http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html
* Fuzzy Security – http://www.fuzzysecurity.com/tutorials/16.html
* GUIF – https://guif.re/windowseop
* MySQL UDF Exploit Windows – https://osandamalith.com/2018/02/11/mysql-udf-exploitation/
* Priv Esc Methods – https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
* Priv Esc Guide – https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/

*Buffer Overflow*

* Understanding BO – https://www.radiojitter.com/buffer-overflow-exploit-part-1/
* Understanding BO – https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
* Brainpan – https://jagskap.blogspot.com/2019/06/brainpan-buffer-overflow.html
* SLMAIL 5.50 Mail Server – https://github.com/R4v3nG/Seattle-Lab-Mail-SLmail-5.5-POP3-PASS-Remote-Buffer-Overflow

*Scripts*

* LinEnum – https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
* Linux Priv Checker – https://gist.github.com/sh1n0b1/e2e1a5f63fbec3706123
* Windows Service Pack Exploits – https://github.com/abatchy17/
* Powershell Exploit – https://github.com/EmpireProject/Empire/tree/master/data/module_source/privesc
* Windows Privesc Check – Powershell – https://github.com/silentsignal/wpc-ps
* Priv Esc Vul Checker – https://github.com/rasta-mouse/Sherlock
* SecLists – https://github.com/danielmiessler/SecLists
* Windows Privesc Check – https://github.com/pentestmonkey/windows-privesc-check
* Just Another Windows Enum Script – https://github.com/411Hall/JAWS
* Windows Privesc Check – Powershell – https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
* Windows-Privilege-Escalation – https://github.com/frizb/Windows-Privilege-Escalation
* Payload of All Things – Windows PrivEsc – https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
* Payload of All Things – https://github.com/swisskyrepo/PayloadsAllTheThings

*Practice Platforms*

* Vulnhub – https://www.vulnhub.com/
* HackTheBox – https://www.hackthebox.eu/
* Metasploitable2 – https://sourceforge.net/projects/metasploitable/
* DVWA – https://github.com/ethicalhack3r/DVWA
