GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → security-prince → Pwk Oscp Preparation Roadmap

security-prince / Pwk Oscp Preparation Roadmap

Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

Labels

enumerationoscpoffensive-security

Projects that are alternatives of or similar to Pwk Oscp Preparation Roadmap

Rapidscan
🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+445.77%)
Mutual labels:  enumeration, oscp, offensive-security
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1184.51%)
Mutual labels:  enumeration, oscp, offensive-security
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1257.75%)
Mutual labels:  enumeration, offensive-security
Vanquish
Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (+216.2%)
Mutual labels:  oscp, offensive-security
Oscp Exam Report Template
Modified template for the OSCP Exam and Labs. Used during my passing attempt
Stars: ✭ 506 (+256.34%)
Mutual labels:  oscp, offensive-security
Buffer overflow
Don't let buffer overflows overflow your mind
Stars: ✭ 131 (-7.75%)
Mutual labels:  oscp, offensive-security
Oscp Human Guide
My own OSCP guide
Stars: ✭ 358 (+152.11%)
Mutual labels:  oscp, offensive-security
Redteam Tactics And Techniques
Red Teaming Tactics and Techniques
Stars: ✭ 2,190 (+1442.25%)
Mutual labels:  oscp, offensive-security
ggtfobins
Get GTFOBins info about a given exploit from the command line
Stars: ✭ 27 (-80.99%)
Mutual labels:  enumeration, oscp
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+440.14%)
Mutual labels:  oscp, offensive-security
Oscp Complete Guide
How to prepare for OSCP complete guide
Stars: ✭ 120 (-15.49%)
Mutual labels:  enumeration, oscp
Ctf Notes
Everything needed for doing CTFs
Stars: ✭ 304 (+114.08%)
Mutual labels:  enumeration, oscp
fransRecon
Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated using Sublist3r.
Stars: ✭ 31 (-78.17%)
Mutual labels:  enumeration, oscp
Oscp Pwk
This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.
Stars: ✭ 406 (+185.92%)
Mutual labels:  oscp, offensive-security
oscp-omnibus
A collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-67.61%)
Mutual labels:  offensive-security, oscp
Dostoevsky Pentest Notes
Notes for taking the OSCP in 2097. Read in book form on GitBook
Stars: ✭ 495 (+248.59%)
Mutual labels:  enumeration, oscp
OSCP-A-Step-Forward
Opening the door, one reverse shell at a time
Stars: ✭ 126 (-11.27%)
Mutual labels:  offensive-security, oscp
php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
Stars: ✭ 274 (+92.96%)
Mutual labels:  offensive-security, oscp
Interlace
Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
Stars: ✭ 760 (+435.21%)
Mutual labels:  enumeration, oscp
Awesome Oscp
A curated list of awesome OSCP resources
Stars: ✭ 804 (+466.2%)
Mutual labels:  oscp, offensive-security
View All Similar Projects ➔

Updated posted is at https://ishaqmohammed.me/posts/pwk-oscp-preparation-roadmap/

My roadmap for preparing for OSCP, anyone is free to use this and also feedback and contributions are welcome

101s(Enumeration)

1. DNS 101 (Basics of DNS and DNS enumaeration, DNS Zone Transfers)
Possible misconfigurations and attack vectors
DNS 101
DNS 201
DNS Hacking (Beginner to Advanced)

2. SMB 101 (SMB Enumeration,Null Session Enumeration, NetBIOS)
Possible misconfigurations and attack vectors
Just what is SMB?
SMB enumeration with Kali Linux – enum4linux, acccheck and smbmap
Windows Null Session Enumeration
NetBIOS Enumeration And Null Session
NetBIOS and SMB Penetration Testing on Windows
nbtscan Cheat Sheet

3. SMTP 101 (ENUMERATION)
Possible misconfigurations and attack vectors
SMTP User Enumeration

4. SNMP 101 (ENUMERATION, MIB Tree)
Possible misconfigurations and attack vectors
SNMP enumeration with snmpenum and snmpwalk

5. FTP 101 (Enumeration, File Transfers)
Possible misconfigurations and attack vectors

6. SSH(Enumeration, Port Forwarding)
Possible misconfigurations and attack vectors
SSH Tunneling Explained
Port Forwarding in Windows

Tools

1. NMAP 101 Port Scanning (TCP Connect Scan, UDP Scanning, Using NSE Scripts)
Hacking Articles:NMAP
NMAP - Port-Scanning: A Practical Approach Modified for better
2. Wireshark 101(Capture and display filters, filters)
3 TCPDump (Filtering Traffic, Advanced header filtering)
4. Reverse and Bind shell, Transferring Files, Types of shells(tty,pty)
Netcat Tutorials for Beginner
Reverse Shell Cheat Sheet
Reverse Shell Cheat Sheet
7 Linux Shells Using Built-in Tools
Spawning a TTY Shell
Upgrading simple shells to fully interactive TTYs
Transferring Files from Linux to Windows (post-exploitation)
Netcat without -e? No Problem!
5. Recon-NG
Intro to Recon-ng
Recon-ng: Usage Guide
6. Metasploit
Metasploit Unleashed
Creating Metasploit Payloads

Web App Pentesting

1. LFI(LFI to RCE)
LFI Cheat Sheet
Upgrade from LFI to RCE via PHP Sessions
5 ways to Exploit LFi Vulnerability
2. RFI(RFI to RCE)
3. SQL Injection (SQLi to RCE)
Full SQL Injection Tutorial (MySQL)
Client Side Attacks

Programming

1. Bash 101
Bash Handbook
BASH Programming - Introduction HOW-TO
2. Python 101
Python for Pentesters
learnpythonthehardway
3. Ruby 101
4. Powershell
5. Assembly 101
Security Tube:
Assembly Language Megaprimer for Linux
Windows Assembly Language Megaprimer

Write codes for the below tasks in all the above mentioned languages:

  1. Write a script to accept user input and ping all the hosts in the given range and display which hosts are alive and which are not
  2. Write a script to perform a basic nmap scan on the given host
  3. Write a script to crawl hyperlinks from a given file and display them in output

OS(Users,Privilages,Groups,UID,UAC)

A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz

1. Post-Exploitation
Priivilage Escalation(Windows and Linux)
Elevating privileges by exploiting weak folder permissions
Windows Privilege Escalation Fundamentals
Windows Privilege Escalation Commands
Basic Linux Privilege Escalation
MySQL Root to System Root with lib_mysqludf_sys for Windows and Linux
A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz
Attack and Defend: Linux Privilege Escalation Techniques of 2016
Abusing SUDO (Linux Privilege Escalation)

Buffer Overflows
Buffer Overflow Attack - Computerphile
Exploit writing tutorial part 1 : Stack Based Overflows
Useful resources for Learning and Hands on practice for buffer overflows

MISC

Dostoevskylabs's PenTest Notes
This challenge was built to promote the Windows / Linux Local Privilege
What is Enumeration?
PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained.
Penetration Testing Tools Cheat Sheet
Common services
CTF Resources - Pen-Test Links
Blogposts on Hackthebox solutions, PWK and OSCP by @0xdf_

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].