rewardone / Oscprepo

Licence: mit
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Programming Languages: C, Python, Perl, Shell, C++, Coq

OSCPRepo

This is a list of resources and scripts that I have been gathering (and continue to gather) in preparation for the OSCP. Now that the OSCP has been achieved, this repo will continue to grow its resources for future certifications. These are all free resources on the Internet, so feel free to use them however you want to help you in your studies or as reference material. If I have taken information from you or your work, please let me know so that I can acknowledge you.

Do you have a million bookmarks saved? Do all of those bookmarks contain unique information? Github repos starred for later? I wanted to actually compose and provide a compilation of all of these resources into a single organized notebook. No more need for bookmarked links. No need to open a web browser. Everything will be here for you.

CherryTree

Because I was unable to install KeepNote on Kali-Rolling, the notes have moved to CherryTree. Note that, because of the import, the nodes will be jumbled compared to the KeepNote version. Sorting and links will be fixed over time, in addition to new content being added.

Notable Resources

UsefulCommands.ctb

It contains methodologies, commands, and interesting file locations. This has been moving more and more into BookmarkList. The goal will be to ensure UsefulCommands is just that. UsefulCommands. Man pages, reference material, etc. For walkthroughs and detailed information, head to BookmarkList.

BookmarkList.ctb

List after list of compiled bookmarks, GitHub pages, blogs, OSCP reviews, tools, and a lot more, compiled into an organized list of bookmarks and references I could go back to (offline). Sources for all resources are still there so you can read the material directly if you desire. This is a work in progress, and there are sections I have not yet read through or made child nodes for, but it is still incredibly extensive, with more work being done (almost) every day (look at the commit history!).

Parent Nodes

Recon_Scan.py

A popular script in Python 3 (Python 2 kept for archive purposes). Its goal is to run nmap, identify popular services, pass that discovery on to other scripts for detailed enumeration, and then perform a full nmap scan (in case anything was missed). Partial Sparta integration is complete, and setup.sh will move those files for you. Also check out Vanquish.

From the CLI, reconscan gets the job done with a single ./reconscan.py. It is designed to run multithreaded against multiple targets simultaneously if network bandwidth allows. You can adjust the min-rate in the scripts.

There is now a setup.sh script in the /scripts folder that will clone some required repositories, move folders into place, and should make reconscan ready to go. Recon_Scan has been ported to Python 3, but may be rough around the edges. Testing help appreciated.

Other Stuff

Folders mostly speak for themselves. Lists contains a bunch of wordlists (setup.sh will download more). Some methodologies and cheat sheets are downloaded. Some tools and scripts are kept local until they become integrated. You can find local enumeration checkers and privesc checkers in their respective folders (note that these are snapshots and not necessarily the most up-to-date versions of these scripts).

GetGitHubStars

A quick PowerShell script that can grab a user's starred repositories and output them to a CSV. I wanted to combine them with my own personal comments for a list of all my stars for easier sorting, tagging, etc. Edit commentsToJSON and they will be added to output.csv. Additionally, the script can go and get trending repositories. TODO: add a function to star repos in the script; add a function to 'blacklist' popular repositories that you no longer want to see.

Latest Changes

2020 Update: OSCP is now in version 2. I did not buy access to the new material yet, so updates for version 2 are appreciated. I imagine most of the needed material is still included, but could be more streamlined.

26 Dec 18: OSCP achieved. This marks a milestone in the repo: all information needed to pass the OSCP is included here in the relevant sections. Although information cannot replace hands-on practice, if you need a place to start diving deeper into a particular piece, it's here or linked here. Reconscan hasn't necessarily 'expanded' as much as it can, but it's been crucial in the labs, exams, HackTheBox, and CTFs. Even if you don't want to use the script, look at the modules for commands you should include in your methodology.

22 Aug 18: BlackHat and Defcon were a blast. There was a lot of bugfixing going on. Scripts are becoming more modular and nicer to work with (say hello to nfs and ldap recon). dirbustEVERYTHING has received a lot of attention including the integration of wfuzz and parameth. You can check which nmap scripts are run and which script they are in with the 'nmap to recon scan mapping' sheet (partially complete because I overwrote the master, but I will finish it again later). Some lists/payloads have been tweaked.

21 May 18: Unicornscan and Python multiprocessing don't go well together. Changed everything to Nmap. It's advisable to adjust --min-rate as needed. Some modules added. Banners. dirbEverything logic and wordlists all updated. Nmap has also been changed to run full connect scans (-sT). SYN scans are too identifiable (though the speed probably doesn't help this script).

10 Apr 18: Updated LinEnum. Most enumeration scripts are not bad even if they haven't been updated in a few years. I was partial to linuxprivchecker.py for a long time; however, I wanted something just in case a machine didn't have Python installed. I really like the idea behind pentestmonkey's linux-privesc-check master branch. I even thought about putting work into Lynis or creating a 'pentest' profile. Eventually I chose to update LinEnum because it is a single file, is relatively up to date, and already has features like reporting and a verbosity level (thorough). Many additional checks, updated version number, etc. Please let me know if you want additional checks included or find bugs. Enjoy.

28 Mar 18: Some minor updates. Included aliverecon, which just does an nmap ping scan. Included nbtscan for additional coverage in smbrecon. Reconscan will now back up everything in the exam folder and move it every time it's launched. Please ensure you always have a targets.txt in place.

4 Mar 18: Added dirTrav.py as a wrapper for dotdotpwn. It requires a file with a list of URLs to attempt. If it finds anything, it will grab the files listed in the default list (lists/Personal/Misc\ Lists/DirTrav/linux_all.txt). Windows support has not been tested. This script requires a manual invocation. I did not want it to launch automatically from the gobuster results (since there is always a lot of junk, which would just increase dirTrav time). Special note: setup.sh alters dotdotpwn so that pressing 'Enter' is not required to start the scan.

20 Feb 18: At the least, httpenum, httpsenum, and dirbustEVERYTHING should be able to handle port changes (i.e., scan and output different ports manually). httpenum and httpsenum might be pulled out and made their own modules. dirbustEVERYTHING now scans for .php and .html extensions and runs cewl to generate a new list for additional enumeration.
