OSCP Preparation Material
OSCP Approach
To get you started, I have divided OSCP preparation into three phases: Pre-Enrolment, Post-Enrolment and Examination. Hope this helps!
Approach for OSCP Examination - https://jagskap.blogspot.com/2020/06/approach-to-crack-oscp-examination.html
Other Blogs to refer -
- OSCP Preparation Guide - https://www.secjuice.com/oscp-prep-guidance/
- OSCP Journey - https://fluidattacks.com/web/blog/oscp-journey/
- OSCP Preparation (Newbie) - http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/
- Pentest tips and Tricks - https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
Basic understanding
- Reverse and Bind Shell - https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
- Nmap - https://resources.infosecinstitute.com/nmap/#gref
- Netcat and ncat Basics - https://www.varonis.com/blog/netcat-commands/
- Metasploit - https://www.offensive-security.com/metasploit-unleashed/metasploit-fundamentals/
- Scenario-Based Exploitation - Metasploit - http://www.fuzzysecurity.com/tutorials/13.html
- Certutil for File Transfer - http://carnal0wnage.attackresearch.com/2017/08/certutil-for-delivery-of-files.html
- Ways to Download a file - https://blog.netspi.com/15-ways-to-download-a-file/
- Web Application Attacks - https://kentosec.com/2018/08/12/oscp-prep-episode-9-web-app-attacks/
- Reverse Shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
- One Liner Reverse shell - http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
- Different ways to get shell - https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/
- Spawning a TTY shell - https://netsec.ws/?p=337
- Port Forwarding - https://www.howtoforge.com/port-forwarding-with-rinetd-on-debian-etch
- Best Enumeration - http://www.0daysecurity.com/penetration-testing/enumeration.html
Machines
Beginners
- Kioptrix: Level 1 - https://www.vulnhub.com/entry/kioptrix-level-1-1,22/
- Kioptrix: Level 1.1 - https://www.vulnhub.com/entry/kioptrix-level-11-2,23/
- Kioptrix: Level 1.2 - https://www.vulnhub.com/entry/kioptrix-level-12-3,24/
- Kioptrix: Level 1.3 - https://www.vulnhub.com/entry/kioptrix-level-13-4,25/
- FristiLeaks: 1.3 - https://www.vulnhub.com/entry/fristileaks-13,133/
- Stapler: 1 - https://www.vulnhub.com/entry/stapler-1,150/
- PwnLab: init - https://www.vulnhub.com/entry/pwnlab-init,158/
- Mr-Robot: 1 - https://www.vulnhub.com/entry/mr-robot-1,151/
Intermediate
- Kioptrix: 2014 - https://www.vulnhub.com/entry/kioptrix-2014-5,62/
- Brainpan: (Buffer Overflow) - https://www.vulnhub.com/entry/brainpan-1,51/
- HackLAB: Vulnix - https://www.vulnhub.com/entry/hacklab-vulnix,48/
Advanced
- VulnOS: 2 - https://www.vulnhub.com/entry/vulnos-2,147/
- SickOs: 1.2 - https://www.vulnhub.com/entry/sickos-12,144/
- /dev/random: scream - https://www.vulnhub.com/entry/devrandom-scream,47/
- pWnOS: 2.0 - https://www.vulnhub.com/entry/pwnos-20-pre-release,34/
- SkyTower: 1 - https://www.vulnhub.com/entry/skytower-1,96/
- IMF - https://www.vulnhub.com/entry/imf-1,162/
Linux Gaining Shell/Privilege Escalation
- Gotmilk - https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
- SUID - Priv Esc - https://pentestlab.blog/category/privilege-escalation/
- SUDO - Priv Esc - https://touhidshaikh.com/blog/?p=790
- Priv Esc - SUID - https://www.hackingarticles.in/linux-privilege-escalation-using-suid-binaries/
- Exploit - Priv Esc - https://payatu.com/guide-linux-privilege-escalation/
- Samba - https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/#smb-enumeration-tools
- Using . in Path - https://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/
- CronTab - https://www.hackingarticles.in/linux-privilege-escalation-by-exploiting-cron-jobs/
- LFI Tricks - https://sushant747.gitbooks.io/total-oscp-guide/local_file_inclusion.html
- NFS - https://www.tecmint.com/how-to-setup-nfs-server-in-linux/
- Mysql UDF Exploit - Priv esc - https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/
- SSH authorized key - http://blog.jr0ch17.com/2018/No-RCE-then-SSH-to-the-box/
- Editing /etc/passwd file priv esc - https://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/
- Understanding /etc/passwd file format - https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/
- MySQL - Raptor Udf.c - https://github.com/1N3/PrivEsc/blob/master/mysql/raptor_udf.c
- MySql UDF Exploit - https://www.facebook.com/notes/security-training-share/mysql-root-to-system-root-with-lib_mysqludf_sys-for-windows-and-linux/865458806817957/
- MSSQL to RCE - https://www.tarlogic.com/en/blog/red-team-tales-0x01/
- TFTP - https://null-byte.wonderhowto.com/how-to/hack-like-pro-using-tftp-install-malicious-software-target-0157547/
Windows Gaining Shell/Privilege Escalation
- Hacking & Security - http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html
- Fuzzy Security - http://www.fuzzysecurity.com/tutorials/16.html
- GUIF - https://guif.re/windowseop
- MySql UDF Exploit Windows - https://osandamalith.com/2018/02/11/mysql-udf-exploitation/
- Priv Esc Methods - https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
- Priv Esc Guide - https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Buffer Overflow
- Understanding BO - https://www.radiojitter.com/buffer-overflow-exploit-part-1/
- Understanding BO - https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
- Brainpan - https://jagskap.blogspot.com/2019/06/brainpan-buffer-overflow.html
- SLMAIL 5.50 Mail Server - https://github.com/R4v3nG/Seattle-Lab-Mail-SLmail-5.5-POP3-PASS-Remote-Buffer-Overflow
Scripts
- LinEnum - https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh
- Linux Priv Checker - https://gist.github.com/sh1n0b1/e2e1a5f63fbec3706123
- Windows Service Pack Exploits - https://github.com/abatchy17/
- Powershell Exploit - https://github.com/EmpireProject/Empire/tree/master/data/module_source/privesc
- Windows Privesc Check - Powershell - https://github.com/silentsignal/wpc-ps
- Priv Esc Vul Checker - https://github.com/rasta-mouse/Sherlock
- SecLists - https://github.com/danielmiessler/SecLists
- Windows Privesc Check - https://github.com/pentestmonkey/windows-privesc-check
- Just Another windows Enum Script - https://github.com/411Hall/JAWS
- Windows Privesc Check - Powershell - https://github.com/PowerShellMafia/PowerSploit/tree/master/Privesc
- Windows-Privilege-Escalation - https://github.com/frizb/Windows-Privilege-Escalation
- Payload of All Things - Windows PrivEsc - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
- Payload of All Things - https://github.com/swisskyrepo/PayloadsAllTheThings
Practice Platforms
- Vulnhub - https://www.vulnhub.com/
- HackTheBox - https://www.hackthebox.eu/
- Metasploitable2 - https://sourceforge.net/projects/metasploitable/
- DVWA - https://github.com/ethicalhack3r/DVWA