
six2dez / Oscp Human Guide

My own OSCP guide

Projects that are alternatives of or similar to Oscp Human Guide

Vault
swiss army knife for hackers
Stars: ✭ 346 (-3.35%)
Mutual labels:  hacking, pentesting, offensive-security
Pentest Book
Stars: ✭ 266 (-25.7%)
Mutual labels:  hacking, pentesting, oscp
Zynix Fusion
zynix-Fusion is a framework that aims to centralize, standardize and simplify the use of various security tools for pentest professionals. zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is the init function that allows you to define a target, and thus use all the tools without typing anything else.
Stars: ✭ 84 (-76.54%)
Mutual labels:  hacking, pentesting, offensive-security
Awesome Privilege Escalation
A curated list of awesome privilege escalation
Stars: ✭ 413 (+15.36%)
Mutual labels:  hacking, pentesting, oscp
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+545.81%)
Mutual labels:  hacking, pentesting, offensive-security
Penetration Testing Study Notes
Penetration Testing notes, resources and scripts
Stars: ✭ 461 (+28.77%)
Mutual labels:  hacking, pentesting, oscp
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+883.52%)
Mutual labels:  hacking, pentesting, oscp
Oscp Prep
my oscp prep collection
Stars: ✭ 105 (-70.67%)
Mutual labels:  hacking, pentesting, oscp
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+409.5%)
Mutual labels:  hacking, oscp, offensive-security
Buffer overflow
Don't let buffer overflows overflow your mind
Stars: ✭ 131 (-63.41%)
Mutual labels:  hacking, oscp, offensive-security
Redteam Tactics And Techniques
Red Teaming Tactics and Techniques
Stars: ✭ 2,190 (+511.73%)
Mutual labels:  pentesting, oscp, offensive-security
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-46.09%)
Mutual labels:  hacking, pentesting, oscp
Awesome Oscp
A curated list of awesome OSCP resources
Stars: ✭ 804 (+124.58%)
Mutual labels:  pentesting, oscp, offensive-security
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+114.25%)
Mutual labels:  hacking, oscp, offensive-security
Linux Smart Enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
Stars: ✭ 1,956 (+446.37%)
Mutual labels:  hacking, pentesting, oscp
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-49.16%)
Mutual labels:  hacking, pentesting, offensive-security
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-44.41%)
Mutual labels:  hacking, pentesting, oscp
Crips
IP tools to quickly get information about IP addresses, web pages and DNS records.
Stars: ✭ 272 (-24.02%)
Mutual labels:  hacking, pentesting
Cloudbrute
Awesome cloud enumerator
Stars: ✭ 268 (-25.14%)
Mutual labels:  hacking, pentesting
Phishapi
Comprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-24.02%)
Mutual labels:  hacking, pentesting

OSCP-Human-Guide

Edit: I'm currently moving all the OSCP stuff and other things to my "pentest-book". This repository will not have more updates. Sorry for the inconvenience.

This page is the journey with some tips, the real guide is HERE

My own OSCP guide with some presents, my own crafted guide and my Cherrytree template, enjoy and feel free to contribute :)

Intro - Before OSCP

Penetration Testing Book

It was an incredible help to me, I have it on the throne of pentesting basics, a little outdated: https://nostarch.com/pentesting. There is some info to get all the exercises with updated resources here: https://github.com/PollyP/Notes-on-Penetration-Testing-A-Hands-On-Guide-to-Hacking/blob/master/README.md

HackTheBox (the easiest ones) and VulnHub

Course and Lab

Repeat this mantra: Sleep, rest, calm down, you will get it.

Lab machines step-by-step

This is a must: Use only the VM provided for this course, not the latest Kali ISO. I did it with the PWK VM, upgrading only MSF, Nmap, Nikto and the basics, but not upgrading the entire OS.

  1. Open CherryTree template to take screenshots and paste outputs.
  2. Run a simple nmap scan and then the slower one.
  3. Check first results (webs, ssh, ftp) from the first fast nmap scan.
  4. Review slower nmap scan.
  5. Always go for the easiest port (SMB, FTP, HTTP...).
  6. Depending on each port, do the appropriate enumeration techniques.
  7. Time to find exploits and try them.
    1. If a web page is your target, always look at the source code; you will find software versions, for example.
  8. When you have the exploit and have tweaked it for your target and purpose, you should be inside as a low-privileged user.
  9. Do simple enumeration such as OS version, users, permissions, files in home, compilers, available tools.
  10. Find out how to upload files.
  11. Upload your privilege escalation script.
    1. In case of Linux I always used LinEnum and linux-exploit-suggester.
    2. Check the running services and look up the strange ones in gtfobins or lolbas and exploit-db.
  12. Run your exploit and get root, collect proofs and passwords, and review root paths and home paths for interesting files for other machines.

Exam preparation (after labs)

HackTheBox(VIP) and VulnHub (medium ones)

Exam mockups

I did 4 exam mockups in 2 weeks, yes, 24 hours for 5 machines. Main resource to choose machines: NetSecFocus Trophy Room

First mockup:

Second mockup

Third mockup

  • LazySysadmin VulnHub
  • Metasploitable3_ubuntu GitHub
  • MrRobot VulnHub
  • Pinky's Palace v1 VulnHub
  • Own crafted Windows XP machine with SLMail, Minishare, DoStackOverflowGood, VulnServer and WarFTPD.

Fourth mockup

Exam first try

Preparations

  • Session recorded with OBStudio, two screens without sound at 10 fps in mkv format, about 25GB.

Result

Failed, 6 hours in the first BOF, all went bad due to my extreme nervousness :(

1 extra lab month

After this last month this was my result: IT Network unlocked, 32 machines rooted in Public Network, that's all. No exam mockups.

Exam second try

Preparations

  • Session recorded with OBStudio, two screens without sound at 10 fps in mkv format, about 25GB.

Result

  • After 8 hours 4 machines rooted. After 20 hours 5 machines rooted, with 5 slept.
  • This is the template used for my exam report.
  • Report done in 4 hours.
