
Commit

ReadMe.md
RihaMaheshwari authored Jun 20, 2020
1 parent 86d8282 commit 927613d
Showing 1 changed file with 100 additions and 102 deletions.
202 changes: 100 additions & 102 deletions ReadMe.md
Expand Up @@ -3,117 +3,115 @@
## **OSCP Approach**
For you to begin, I have divided the OSCP Preparation in three phases i.e. Pre-Enrolment, Post-Enrolment and Examination. Hope this helps!!

Approach for OSCP Examination - [(https://jagskap.blogspot.com/)]
**Approach for OSCP Examination - https://jagskap.blogspot.com/**

Other Blogs to refer -
```
https://www.secjuice.com/oscp-prep-guidance/
https://fluidattacks.com/web/blog/oscp-journey/
http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/
https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
```

* OSCP Preparation Guide - https://www.secjuice.com/oscp-prep-guidance/
* OSCP Journey - https://fluidattacks.com/web/blog/oscp-journey/
* OSCP Preparation (Newbie) -http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/
* Pentest tips and Tricks - https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/

## **Basic understanding**
```
Reverse and Bind Shell - https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
Nmap - https://resources.infosecinstitute.com/nmap/#gref
Netcat and ncat Basics - https://www.varonis.com/blog/netcat-commands/
Metasploit - https://www.offensive-security.com/metasploit-unleashed/metasploit-fundamentals/
Sceneriao Based Exploitation - Metasploit - http://www.fuzzysecurity.com/tutorials/13.html
Certutil for File Transfer - http://carnal0wnage.attackresearch.com/2017/08/certutil-for-delivery-of-files.html
Ways to Download a file - https://blog.netspi.com/15-ways-to-download-a-file/
Web Application Attacks - https://kentosec.com/2018/08/12/oscp-prep-episode-9-web-app-attacks/
Reverse Shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
One Liner Reverse shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
Different ways to get shell - https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
Spawning a TTY shell - https://netsec.ws/?p=337
Port Forwarding - https://www.howtoforge.com/port-forwarding-with-rinetd-on-debian-etch
Best Enumeration - http://www.0daysecurity.com/penetration-testing/enumeration.html
```

* Reverse and Bind Shell - https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
* Nmap - https://resources.infosecinstitute.com/nmap/#gref
* Netcat and ncat Basics - https://www.varonis.com/blog/netcat-commands/
* Metasploit - https://www.offensive-security.com/metasploit-unleashed/metasploit-fundamentals/
* Sceneriao Based Exploitation - Metasploit - http://www.fuzzysecurity.com/tutorials/13.html
* Certutil for File Transfer - http://carnal0wnage.attackresearch.com/2017/08/certutil-for-delivery-of-files.html
* Ways to Download a file - https://blog.netspi.com/15-ways-to-download-a-file/
* Web Application Attacks - https://kentosec.com/2018/08/12/oscp-prep-episode-9-web-app-attacks/
* Reverse Shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
* One Liner Reverse shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
* Different ways to get shell - https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
* Spawning a TTY shell - https://netsec.ws/?p=337
* Port Forwarding - https://www.howtoforge.com/port-forwarding-with-rinetd-on-debian-etch
* Best Enumeration - http://www.0daysecurity.com/penetration-testing/enumeration.html

## **Machines**
#### **Beginners**
```
Kioptrix: Level 1 - https://www.vulnhub.com/entry/kioptrix-level-1-1,22/
Kioptrix: Level 1.1 - https://www.vulnhub.com/entry/kioptrix-level-11-2,23/
Kioptrix: Level 1.2 - https://www.vulnhub.com/entry/kioptrix-level-12-3,24/
Kioptrix: Level 1.3 - https://www.vulnhub.com/entry/kioptrix-level-13-4,25/
FristiLeaks: 1.3 - https://www.vulnhub.com/entry/fristileaks-13,133/
Stapler: 1 - https://www.vulnhub.com/entry/stapler-1,150/
PwnLab: init - https://www.vulnhub.com/entry/pwnlab-init,158/
Mr-Robot: 1 - https://www.vulnhub.com/entry/mr-robot-1,151/
```

* Kioptrix: Level 1 - https://www.vulnhub.com/entry/kioptrix-level-1-1,22/
* Kioptrix: Level 1.1 - https://www.vulnhub.com/entry/kioptrix-level-11-2,23/
* Kioptrix: Level 1.2 - https://www.vulnhub.com/entry/kioptrix-level-12-3,24/
* Kioptrix: Level 1.3 - https://www.vulnhub.com/entry/kioptrix-level-13-4,25/
* FristiLeaks: 1.3 - https://www.vulnhub.com/entry/fristileaks-13,133/
* Stapler: 1 - https://www.vulnhub.com/entry/stapler-1,150/
* PwnLab: init - https://www.vulnhub.com/entry/pwnlab-init,158/
* Mr-Robot: 1 - https://www.vulnhub.com/entry/mr-robot-1,151/

#### **Intermediate**
```
Kioptrix: 2014 - https://www.vulnhub.com/entry/kioptrix-2014-5,62/
Brainpan: (Bufer Overflow) - https://www.vulnhub.com/entry/brainpan-1,51/
HackLAB: Vulnix - https://www.vulnhub.com/entry/hacklab-vulnix,48/
```

* Kioptrix: 2014 - https://www.vulnhub.com/entry/kioptrix-2014-5,62/
* Brainpan: (Bufer Overflow) - https://www.vulnhub.com/entry/brainpan-1,51/
* HackLAB: Vulnix - https://www.vulnhub.com/entry/hacklab-vulnix,48/

#### **Advance**
```
VulnOS: 2 - https://www.vulnhub.com/entry/vulnos-2,147/
SickOs: 1.2 - https://www.vulnhub.com/entry/sickos-12,144/
/dev/random: scream - https://www.vulnhub.com/entry/devrandom-scream,47/
pWnOS: 2.0 - https://www.vulnhub.com/entry/pwnos-20-pre-release,34/
SkyTower: 1 - https://www.vulnhub.com/entry/skytower-1,96/
IMF - https://www.vulnhub.com/entry/imf-1,162/
```

* VulnOS: 2 - https://www.vulnhub.com/entry/vulnos-2,147/
* SickOs: 1.2 - https://www.vulnhub.com/entry/sickos-12,144/
* /dev/random: scream - https://www.vulnhub.com/entry/devrandom-scream,47/
* pWnOS: 2.0 - https://www.vulnhub.com/entry/pwnos-20-pre-release,34/
* SkyTower: 1 - https://www.vulnhub.com/entry/skytower-1,96/
* IMF - https://www.vulnhub.com/entry/imf-1,162/

## **Linux Gaining Shell/Privilege Escalation**
```
Gotmilk - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
SUID - Priv Esc- https://pentestlab.blog/category/privilege-escalation/
SUDO - Priv Esc - https://touhidshaikh.com/blog/?p=790
Priv Esc- suid - https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
Exploit- Priv Esc- https://payatu.com/guide-linux-privilege-escalation/
Samba - https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#smb-enumeration-tools
Using . in Path - https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/
CronTab - https://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/
LFI Tricks- https://sushant747.gitbooks.io/total-oscp-guide/local_file_inclusion.html
NFS - https://www.tecmint.com/how-to-setup-nfs-server-in-linux/
Mysql UDF Exploit - Priv esc - https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/
SSH authorized key - http://blog.jr0ch17.com/2018/No-RCE-then-SSH-to-the-box/
Editing etc/passwd file priv esc - https://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/
Understanding etc/passwd file format - https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
MySQL - Raptor Udf.c - https://github.com/1N3/PrivEsc/blob/master/mysql/raptor_udf.c
MySql UDF Exploit - https://www.facebook.com/notes/security-training-share/mysql-root-to-system-root-with-lib_mysqludf_sys-for-windows-and-linux/865458806817957/
MSSQL to RCE - https://www.tarlogic.com/en/blog/red-team-tales-0x01/
TFTP- https://null-byte.wonderhowto.com/how-to/hack-like-pro-using-tftp-install-malicious-software-target-0157547/
```

* Gotmilk - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
* SUID - Priv Esc- https://pentestlab.blog/category/privilege-escalation/
* SUDO - Priv Esc - https://touhidshaikh.com/blog/?p=790
* Priv Esc- suid - https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
* Exploit- Priv Esc- https://payatu.com/guide-linux-privilege-escalation/
* Samba - https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#smb-enumeration-tools
* Using . in Path - https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/
* CronTab - https://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/
* LFI Tricks- https://sushant747.gitbooks.io/total-oscp-guide/local_file_inclusion.html
* NFS - https://www.tecmint.com/how-to-setup-nfs-server-in-linux/
* Mysql UDF Exploit - Priv esc - https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/
* SSH authorized key - http://blog.jr0ch17.com/2018/No-RCE-then-SSH-to-the-box/
* Editing etc/passwd file priv esc - https://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/
* Understanding etc/passwd file format - https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
* MySQL - Raptor Udf.c - https://github.com/1N3/PrivEsc/blob/master/mysql/raptor_udf.c
* MySql UDF Exploit - https://www.facebook.com/notes/security-training-share/mysql-root-to-system-root-with-lib_mysqludf_sys-for-windows-and-linux/865458806817957/
* MSSQL to RCE - https://www.tarlogic.com/en/blog/red-team-tales-0x01/
* TFTP- https://null-byte.wonderhowto.com/how-to/hack-like-pro-using-tftp-install-malicious-software-target-0157547/

## **Windows Gaining Shell/Privilege Escalation**
```
Hacking & Security - http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html
Fuzzy Security - http://www.fuzzysecurity.com/tutorials/16.html
GUIF - https://guif.re/windowseop
MySql UDF Exploit windows -https://osandamalith.com/2018/02/11/mysql-udf-exploitation/
Priv Esc Methods - https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
Priv Esc Guide - https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
```

* Hacking & Security - http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html
* Fuzzy Security - http://www.fuzzysecurity.com/tutorials/16.html
* GUIF - https://guif.re/windowseop
* MySql UDF Exploit windows -https://osandamalith.com/2018/02/11/mysql-udf-exploitation/
* Priv Esc Methods - https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
* Priv Esc Guide - https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/

## **Buffer Overflow**
```
Understanding BO - https://www.radiojitter.com/buffer-overflow-exploit-part-1/
Understanding BO - https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
Brainpan - https://jagskap.blogspot.com/2019/06/brainpan-buffer-overflow.html
SLMAIL 5.50 Mail Server - https://github.com/R4v3nG/Seattle-Lab-Mail-SLmail-5.5-POP3-PASS-Remote-Buffer-Overflow
```

* Understanding BO - https://www.radiojitter.com/buffer-overflow-exploit-part-1/
* Understanding BO - https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
* Brainpan - https://jagskap.blogspot.com/2019/06/brainpan-buffer-overflow.html
* SLMAIL 5.50 Mail Server - https://github.com/R4v3nG/Seattle-Lab-Mail-SLmail-5.5-POP3-PASS-Remote-Buffer-Overflow

## **Scripts**
```
LinEnum - https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
Linux Priv Checker - https://gist.github.com/sh1n0b1/e2e1a5f63fbec3706123
Windows Service pack exploits- https://github.com/abatchy17/
Powershell Exploit - https://github.com/EmpireProject/Empire/tree/master/data/module_source/privesc
Windows Privesc Check - Powershell - https://github.com/silentsignal/wpc-ps
Priv Esc Vul Checker - https://github.com/rasta-mouse/Sherlock
SecLists - https://github.com/danielmiessler/SecLists
Windows Privesc Check - https://github.com/pentestmonkey/windows-privesc-check
Just Another windows Enum Script - https://github.com/411Hall/JAWS
Windows Privesc Check - Powershell - https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
Windows-Privilege-Escalation - https://github.com/frizb/Windows-Privilege-Escalation
Payload of All Things - Windows PrivEsc - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
Payload of All Things - https://github.com/swisskyrepo/PayloadsAllTheThings
```

* LinEnum - https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
* Linux Priv Checker - https://gist.github.com/sh1n0b1/e2e1a5f63fbec3706123
* Windows Service pack exploits- https://github.com/abatchy17/
* Powershell Exploit - https://github.com/EmpireProject/Empire/tree/master/data/module_source/privesc
* Windows Privesc Check - Powershell - https://github.com/silentsignal/wpc-ps
* Priv Esc Vul Checker - https://github.com/rasta-mouse/Sherlock
* SecLists - https://github.com/danielmiessler/SecLists
* Windows Privesc Check - https://github.com/pentestmonkey/windows-privesc-check
* Just Another windows Enum Script - https://github.com/411Hall/JAWS
* Windows Privesc Check - Powershell - https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
* Windows-Privilege-Escalation - https://github.com/frizb/Windows-Privilege-Escalation
* Payload of All Things - Windows PrivEsc - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
* Payload of All Things - https://github.com/swisskyrepo/PayloadsAllTheThings

## **Practice Platforms**
```
Vulnhub - https://www.vulnhub.com/
HackTheBox - https://www.hackthebox.eu/
Metasploitable2 - https://sourceforge.net/projects/metasploitable/
DVWA - https://github.com/ethicalhack3r/DVWA
```

* Vulnhub - https://www.vulnhub.com/
* HackTheBox - https://www.hackthebox.eu/
* Metasploitable2 - https://sourceforge.net/projects/metasploitable/
* DVWA - https://github.com/ethicalhack3r/DVWA
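
Review bot: Two of the new bullets have no space between the separator and the URL, "OSCP Preparation (Newbie) -http://niiconsulting.com/..." in the blog list and "MySql UDF Exploit windows -https://osandamalith.com/..." under Windows Gaining Shell/Privilege Escalation. GitHub's autolinking expects a bare URL to follow whitespace, so these two may render as plain text while the rest of each list is clickable; add the space. Since every list line is being rewritten anyway, this is also the place to fix what was carried over unchanged from the fenced version: "Sceneriao" and "Bufer Overflow" are misspelled, and "Reverse Shell" and "One Liner Reverse shell" point to the same pentestmonkey URL, so one entry is either redundant or has the wrong link.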
