OSCP Preparation Part - 2

@viluhacker

101s (Enumeration)

1. DNS 101 (Basics of DNS and DNS enumeration, DNS Zone Transfers)
   - Possible misconfigurations and attack vectors
   - DNS 101
   - DNS Hacking (Beginner to Advanced)
3. SMTP 101 (Enumeration)
   - Possible misconfigurations and attack vectors
   - SMTP User Enumeration
4. SNMP 101 (Enumeration, MIB Tree)
   - Possible misconfigurations and attack vectors
   - SNMP enumeration with snmpenum and snmpwalk
5. FTP 101 (Enumeration, File Transfers)
   - Possible misconfigurations and attack vectors
6. SSH (Enumeration, Port Forwarding)
   - Possible misconfigurations and attack vectors
   - SSH Tunneling Explained
   - Port Forwarding in Windows

Tools

Web App Pentesting

Programming

Write code for the tasks below in all the above-mentioned languages:

  1. Write a script that accepts user input, pings all the hosts in the given range, and displays which hosts are alive and which are not.
  2. Write a script to perform a basic nmap scan on the given host.
  3. Write a script to crawl hyperlinks from a given file and display them in the output.

OS (Users, Privileges, Groups, UID, UAC)

MISC



Buffer overflow links
**Useful resources for learning and hands-on practice for buffer overflows**
https://www.exploit-db.com/exploits/40673/
http://camelinc.info/blog/2014/05/Aviosoft-Digital-TV-Player-Professional-1.0-Stack-Buffer-Overflow/
http://pusheax.com/exploit-writing-stack-based-buffer-overflow/
http://tekwizz123.blogspot.in/2014/02/bypassing-aslr-and-dep-on-windows-7.html?m=1
http://www.arti-sec.com/article/buffer-overflow-slmail-5504433-full-development
http://blog.gojhonny.com/2013/10/buffer-overflow-smashing-stack-tutorial.html
https://github.com/AnasFullStack/Penetration-Testing/blob/master/pwk/Win32_Buffer_Overflow_Exploitation.md
https://royleekiat.com/2016/01/15/buffer-overflow-attack-on-pcman-ftp-server-2-07-using-the-metasploit-framework-and-corelan-teams-mona-script/ *using msf
http://www.primalsecurity.net/0x3-python-tutorial-fuzzer/
http://0xdeadcode.se/archives/178 <-- minishare
https://bogner.sh/2016/04/the-hard-life-of-exploit-developers/
http://ch3rn0byl.com/intro-to-buffer-overflows/
http://netsec.ws/?p=180
https://t0w3ntum.wordpress.com/2016/07/22/buffer-overflows-and-you/ <--good scripts
http://n01g3l.tumblr.com/post/49036035399/linux-crossfire-v190-buffer-overflow
http://sh3llc0d3r.com/vulnserver-trun-command-buffer-overflow-exploit/
http://www.primalsecurity.net/0x0-exploit-tutorial-buffer-overflow-vanilla-eip-overwrite-2/
http://www.securitysift.com/windows-exploit-development-part-2-intro-stack-overflow/
https://samsclass.info/127/proj/vuln-server.htm
http://www.fuzzysecurity.com/tutorials/expDev/2.html FreeFloat FTP
https://www.phillips321.co.uk/2012/08/02/writing-my-first-exploit-freefloat-ftp/
https://www.mattandreko.com/2013/04/06/buffer-overflow-in-hexchat-294/
http://proactivedefender.blogspot.in/2013/05/understanding-buffer-overflows.html?m=1
https://rootisthelimit.com/first-buffer-overflow/ <-- Ability 2.34
http://rgolebiowski.blogspot.in/2016/02/brain-pain.html