OSCP Preparation Part - 2
@viluhacker
101s (Enumeration)
1. DNS 101 (Basics of DNS and DNS enumeration, DNS Zone Transfers)
Possible misconfigurations and attack vectors
DNS 101
DNS Hacking (Beginner to Advanced)
2. SMB 101 (SMB Enumeration, Null Session Enumeration, NetBIOS)
Possible misconfigurations and attack vectors
Just what is SMB?
SMB enumeration with Kali Linux – enum4linux, acccheck and smbmap
Windows Null Session Enumeration
NetBIOS Enumeration And Null Session
NetBIOS and SMB Penetration Testing on Windows
nbtscan Cheat Sheet
4. SNMP 101 (Enumeration, MIB Tree)
Possible misconfigurations and attack vectors
SNMP enumeration with snmpenum and snmpwalk
5. FTP 101 (Enumeration, File Transfers)
Possible misconfigurations and attack vectors
6. SSH (Enumeration, Port Forwarding)
Possible misconfigurations and attack vectors
SSH Tunneling Explained
Port Forwarding in Windows
Tools
1. NMAP 101 Port Scanning (TCP Connect Scan, UDP Scanning, Using NSE Scripts)
Hacking Articles: NMAP
NMAP - Port-Scanning: A Practical Approach Modified for better
2. Wireshark 101 (Capture and display filters, filters)
3. TCPDump (Filtering Traffic, Advanced header filtering)
4. Reverse and Bind shell, Transferring Files, Types of shells (tty, pty)
Netcat Tutorials for Beginner
Reverse Shell Cheat Sheet
Reverse Shell Cheat Sheet
7 Linux Shells Using Built-in Tools
Spawning a TTY Shell
Upgrading simple shells to fully interactive TTYs
Transferring Files from Linux to Windows (post-exploitation)
Netcat without -e? No Problem!
5. Recon-NG
Intro to Recon-ng
Recon-ng: Usage Guide
6. Metasploit
Metasploit Unleashed
Creating Metasploit Payloads
Web App Pentesting
1. LFI (LFI to RCE)
LFI Cheat Sheet
Upgrade from LFI to RCE via PHP Sessions
5 ways to Exploit LFi Vulnerability
2. RFI (RFI to RCE)
3. SQL Injection (SQLi to RCE)
Full SQL Injection Tutorial (MySQL)
Client Side Attacks
Programming
1. Bash 101
Bash Handbook
BASH Programming - Introduction HOW-TO
2. Python 101
Python for Pentesters
learnpythonthehardway
3. Ruby 101
4. Powershell
5. Assembly 101
Security Tube:
Assembly Language Megaprimer for Linux
Windows Assembly Language Megaprimer
Write code for the tasks below in all of the above-mentioned languages:
- Write a script to accept user input and ping all the hosts in the given range and display which hosts are alive and which are not
- Write a script to perform a basic nmap scan on the given host
- Write a script to crawl hyperlinks from a given file and display them in output
OS (Users, Privileges, Groups, UID, UAC)
1. Post-Exploitation
Privilege Escalation (Windows and Linux)
Elevating privileges by exploiting weak folder permissions
Windows Privilege Escalation Fundamentals
Windows Privilege Escalation Commands
Basic Linux Privilege Escalation
MySQL Root to System Root with lib_mysqludf_sys for Windows and Linux
A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz
Attack and Defend: Linux Privilege Escalation Techniques of 2016
Abusing SUDO (Linux Privilege Escalation)
Buffer Overflows
Buffer Overflow Attack - Computerphile
Exploit writing tutorial part 1 : Stack Based Overflows
Useful resources for Learning and Hands on practice for buffer overflows
MISC
Dostoevskylabs's PenTest Notes
This challenge was built to promote the Windows / Linux Local Privilege
What is Enumeration?
PwnWiki.io is a collection of TTPs (tools, tactics, and procedures) for what to do after access has been gained.
Penetration Testing Tools Cheat Sheet
Common services
CTF Resources - Pen-Test Links
Blogposts on Hackthebox solutions, PWK and OSCP