Jewel591 / Oscp Pentest Methodologies
Licence: apache-2.0
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166
Programming Languages
c
50402 projects - #5 most used programming language
Labels
Projects that are alternatives of or similar to Oscp Pentest Methodologies
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (+307.83%)
Mutual labels: pentesting, penetration-testing, cybersecurity, pentest-tool, redteam
Jwtxploiter
A tool to test security of json web token
Stars: ✭ 130 (-21.69%)
Mutual labels: pentesting, penetration-testing, ctf, pentest-tool, websecurity
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-48.8%)
Mutual labels: pentesting, penetration-testing, cybersecurity, redteam
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (+3.61%)
Mutual labels: pentesting, penetration-testing, cybersecurity, pentest-tool
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-37.95%)
Mutual labels: pentesting, penetration-testing, pentest-tool, websecurity
Venom
Venom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+639.76%)
Mutual labels: pentesting, ctf, pentest-tool, redteam
Hrshell
HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+16.27%)
Mutual labels: pentesting, penetration-testing, post-exploitation, oscp
Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+2850%)
Mutual labels: cybersecurity, pentest-tool, penetration-testing, pentesting
Justtryharder
JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+171.08%)
Mutual labels: pentesting, penetration-testing, pentest-tool, oscp
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+130.12%)
Mutual labels: pentesting, penetration-testing, cybersecurity, redteam
Offensive-Reverse-Shell-Cheat-Sheet
Offensive Reverse Shell (Cheat Sheet)
Stars: ✭ 138 (-16.87%)
Mutual labels: cybersecurity, penetration-testing, oscp, redteam
Stowaway
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+201.2%)
Mutual labels: pentesting, ctf, pentest-tool, redteam
Information Security
A place where I can create, collect and share tooling, resources and knowledge about information security.
Stars: ✭ 135 (-18.67%)
Mutual labels: penetration-testing, cybersecurity, oscp
Rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-54.22%)
Mutual labels: pentesting, penetration-testing, cybersecurity
Ldap search
Python3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-53.01%)
Mutual labels: pentesting, pentest-tool, redteam
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-59.04%)
Mutual labels: pentesting, penetration-testing, redteam
Pentesting toolkit
🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+663.86%)
Mutual labels: pentesting, ctf, post-exploitation
Gtfonow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Stars: ✭ 68 (-59.04%)
Mutual labels: pentesting, ctf, post-exploitation
Eyes.sh
Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-46.39%)
Mutual labels: pentesting, penetration-testing, pentest-tool
Winpwn
Automation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+684.94%)
Mutual labels: pentesting, pentest-tool, redteam
OSCP-Pentest-Methodologies
该项目收集了渗透测试中涉及到的通用测试方法和技巧,完整覆盖渗透测试的全生命周期,目的是为了帮助渗透测试爱好者/初学者或 OSCP 备考人员查询相关知识和下载相关工具,更好的理解渗透测试的方法。
我根据自己的经验编制了这个列表,如果有错误的地方或改进建议,欢迎提交 Issue。
声明
最近发现有人假冒我的 ID 搭建网站销售 OSCP/OSCE/OSWE 的考试报告,给了钱就跑路,有好几位朋友上当受骗了,大家注意。
没有网站、没有知识星球。
Table of Contents
OSCP 资料
OSCP 培训
OSCP 官方考试要求
OSCP 考试报告
工作机会
Web 服务
综合技巧
Web 通用漏洞
CMS
Web 中间件
- IIS
- phpmyadmin
- tomcat
- Weblogic
后端语言
HTTP Method
系统服务
反弹shell
Linux 提权
Linux 提权方法
- 升级 tty-shell
- SUID 提权
- CronJobs 提权
- passwd/shadow 提权
Linux 提权工具
Windows 提权
Windows 提权方法
- 0x1 收集Windows系统信息
- 0x2 不带引号的服务路径
- 0x3 不安全的服务权限
- 0x4 查找主机上的明文密码
- 0x5 Pass The Hash
- 0x6 Windows AlwaysInstallElevated 策略
- 0x7 存在漏洞的驱动
- 0x8 内核漏洞提权
- 0x9 向Windows主机上传文件
- 0x10 Windows后渗透常用命令
Windows 提权工具
- ☆winPEAS
- windows-exploit-suggester > 教程
- windows-kernel-exploits
- JuicyPotato.exe
- Accesschk.exe
- BeRoot For Windows
隧道和代理
工具和资源
安全工具下载
这部分工具在 OSCP 考试认证过程中用不到,在工作渗透测试项目中可能用到
Hash 在线解密
提升效率
Linux
TODO
- [ ] tomcat
- [ ] nfs
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].