└── README.md /README.md: -------------------------------------------------------------------------------- 1 | # Awesome OSCP 2 | 3 | [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome) 4 | 5 | > A curated list of awesome OSCP resources 6 | 7 | 8 | ## Contents 9 | 10 | - [Resources](#resources) 11 | - [OSCP Reviews and Guides](#oscp-reviews-and-guides) 12 | - [Cheatsheets and Scripts](#cheatsheets-and-scripts) 13 | - [Topics](#topics) 14 | - [Buffer Overflow](#buffer-overflow) 15 | - [Privilege Escalation](#privilege-escalation) 16 | - [Active Directory](#Active-Directory) 17 | - [Other OSCP Resources](#other-oscp-resources) 18 | - [Books](#books) 19 | - [License](#license) 20 | 21 | ## Resources 22 | 23 | ### OSCP Reviews and Guides 24 | 25 | - [Official OSCP Certification Exam Guide](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide) 26 | - Luke’s Ultimate OSCP Guide ([Part 1](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440), [Part 2](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-2-workflow-and-documentation-tips-9dd335204a48), [Part 3](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97)) 27 | - [How to prepare for PWK/OSCP, a noob-friendly guide](https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob) 28 | - [n3ko1's OSCP Guide](http://www.lucas-bader.com/certification/2015/05/27/oscp-offensive-security-certified-professional) 29 | - [Jan's "Path to OSCP" Videos](https://www.youtube.com/playlist?list=PLyPJ3SHNkjIFITR-Lzsc0XSOBS7JUXsOy) 30 | - [Offensive Security’s PWB and OSCP - My Experience](http://www.securitysift.com/offsec-pwb-oscp/) (+ some scripts) 31 | - [OSCP Lab and Exam Review](https://theslickgeek.com/oscp/) 32 | - [OSCP Preparation Notes](https://www.jpsecnetworks.com/category/oscp/) 33 | - [A Detailed Guide on OSCP Preparation – From Newbie to OSCP](http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/) 34 | - [My Fight for OSCP](https://alphacybersecurity.tech/my-fight-for-the-oscp/) 35 | - [The Ultimate OSCP Preparation Guide](https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/) 36 | - [The Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0](https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html) 37 | 38 | ### Cheatsheets and Scripts 39 | 40 | - [Luke's Practical hacking tips and tricks](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97) 41 | - [Penetration Testing Tools Cheat Sheet](https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/) 42 | - [How to Pass OSCP](https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3) 43 | - [Reverse Shell Cheat Sheet](https://highon.coffee/blog/reverse-shell-cheat-sheet/) 44 | - [Reverse Shell Generator](https://www.revshells.com/) 45 | - [7 Linux Shells Using Built-in Tools](https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/) 46 | - [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester) 47 | - [Linux Exploit Suggester](https://github.com/InteliSecureLabs/Linux_Exploit_Suggester) 48 | - [OSCPRepo](https://github.com/rewardone/OSCPRepo) 49 | - [Go-for-OSCP](https://github.com/pythonmaster41/Go-For-OSCP) 50 | - [Pentest Compilation](https://github.com/adon90/pentest_compilation) 51 | - [Collection of OSCP scripts](https://github.com/ihack4falafel/OSCP) 52 | 53 | ### Topics 54 | 55 | #### Buffer Overflow 56 | - [Corelan's Exploit writing tutorial part 1 : Stack Based Overflows](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/) 57 | - [Justin's DoStackBufferOverflowGood](https://github.com/justinsteven/dostackbufferoverflowgood) 58 | - [Writing Exploits for Win32 Systems from Scratch](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/) 59 | - [32-Bit Windows Buffer Overflows Made Easy](https://veteransec.com/2018/09/10/32-bit-windows-buffer-overflows-made-easy/) 60 | - [Introduction to Buffer Overflow Video](https://www.youtube.com/watch?v=1S0aBV-Waeo) 61 | - [OverTheWire's Narnia Wargame](http://overthewire.org/wargames/narnia/) 62 | 63 | #### Privilege Escalation 64 | - [Windows Privilege Escalation Fundamentals](http://www.fuzzysecurity.com/tutorials/16.html) 65 | - [Common Windows Privilege Escalation Vectors](https://toshellandback.com/2015/11/24/ms-priv-esc/) 66 | - [Encyclopaedia Of Windows Privilege Escalation by Brett Moore](https://www.youtube.com/watch?v=kMG8IsCohHA) 67 | - [Level Up! Practical Windows Privilege Escalation by Andrew Smith](https://www.youtube.com/watch?v=PC_iMqiuIRQ) 68 | - [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) 69 | - [Linux privilege escalation by Jake Williams](https://www.youtube.com/watch?v=dk2wsyFiosg) 70 | 71 | #### Active-Directory 72 | - [Active Directory Methodology](https://book.hacktricks.xyz/windows/active-directory-methodology) 73 | - [Active Directory Exploitation Cheat Sheet](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet) 74 | - [PayloadsAllTheThings AD](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md) 75 | - [Attacking Active Directory: 0 to 0.9](https://zer1t0.gitlab.io/posts/attacking_ad/) 76 | - [PowerView-3.0 tips and tricks](https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993#file-powerview-3-0-tricks-ps1) 77 | 78 | ##### Hands-On Resources. 79 | - TryHackMe 80 | - [Active Directory Basics](https://tryhackme.com/room/activedirectorybasics) - Easy 81 | - [Post-Exploitation Basics](https://tryhackme.com/room/postexploit) - Easy 82 | - [Vulnnet Roasted](https://tryhackme.com/room/vulnnetroasted) - Easy 83 | - [Attacktive Directory](https://tryhackme.com/room/attacktivedirectory) - Medium 84 | - [raz0r black](https://tryhackme.com/room/raz0rblack) - Medium 85 | - [Enterprise](https://tryhackme.com/room/enterprise) - Medium 86 | - [Vulnnet Active](https://tryhackme.com/room/vulnnetactive) - Medium 87 | - [Zero Logon](https://tryhackme.com/room/zer0logon) - Hard 88 | - [Holo](https://tryhackme.com/room/hololive) - Hard 89 | - [Throwback](https://tryhackme.com/network/throwback) - Easy 90 | - HackTheBox 91 | - [Forest](https://app.hackthebox.com/machines/212) - Easy 92 | - [Active](https://app.hackthebox.com/machines/148) - Easy 93 | - [Fuse](https://app.hackthebox.com/machines/235) - Medium 94 | - [Cascade](https://app.hackthebox.com/machines/235) - Medium 95 | - [Monteverde](https://app.hackthebox.com/machines/223) - Medium 96 | - [Resolute](https://app.hackthebox.com/machines/220) - Medium 97 | - [Arkham](https://app.hackthebox.com/machines/179) - Medium 98 | - [Mantis](https://app.hackthebox.com/machines/98) - Hard 99 | - [APT](https://app.hackthebox.com/machines/296) - Insane 100 | - [Dante](https://app.hackthebox.com/prolabs/overview/dante) - Beginner 101 | - [Offshore](https://app.hackthebox.com/prolabs/overview/offshore) - Intermediate 102 | - [RastaLabs](https://app.hackthebox.com/prolabs/overview/rastalabs) - Intermediate 103 | - [Cybernetics](https://app.hackthebox.com/prolabs/overview/cybernetics) - Advanced 104 | - [APT Labs](https://app.hackthebox.com/prolabs/overview/aptlabs) - Advanced 105 | - HackTheBox Academy ( PAID ) 106 | - [Introduction to Active Directory](https://academy.hackthebox.com/module/details/74) - Fundamental 107 | - [ActiveDirectory LDAP](https://academy.hackthebox.com/course/preview/active-directory-ldap) - Medium 108 | - [ActiveDirectory Powerview](https://academy.hackthebox.com/module/details/68) - Medium 109 | - [ActiveDirectory BloodHound](https://academy.hackthebox.com/module/details/69) - Medium 110 | - [ActiveDirectory Enumeration & Attacks](https://academy.hackthebox.com/module/details/143) - Medium 111 | - Proving Grounds 112 | - [PG-Practice](https://portal.offsec.com/labs/practice) ( PAID ) 113 | * Hutch 114 | * Heist 115 | * Vault 116 | 117 | # Other OSCP Resources 118 | 119 | - [PWK Syllabus](https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf) 120 | - [OSCP-Prep-Resources](https://github.com/burntmybagel/OSCP-Prep) 121 | - [Offensive Security Bookmarks](https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/) 122 | - [The how to get the OSCP certification wiki](https://www.peerlyst.com/posts/the-how-to-get-the-oscp-certification-wiki-peerlyst) 123 | - [OSCP Goldmine](http://0xc0ffee.io/blog/OSCP-Goldmine) 124 | - [Penetration Testing Study Notes](https://github.com/AnasAboureada/Penetration-Testing-Study-Notes) 125 | - [OSCP-like Vulnhub VMs](https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms) 126 | - [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/) 127 | - [Awesome Penetration Testing](https://github.com/enaqx/awesome-pentest) 128 | - [OSCP Exam Report Template in Markdown](https://github.com/noraj/OSCP-Exam-Report-Template-Markdown) 129 | 130 | #### Books 131 | 132 | - [Penetration Testing: A Hands-on Introduction to Hacking](https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641) 133 | - [The Hacker Playbook 3: Practical Guide to Penetration Testing](https://www.amazon.com.au/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759) 134 | - [RTFM: Red Team Field Manual](https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504) 135 | - [RTFM: Red Team Field Manual v2](https://www.amazon.com/RTFM-Red-Team-Field-Manual/dp/1075091837) 136 | - [The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (2nd Edition)](https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting-ebook/dp/B005LVQA9S) 137 | 138 | ## License 139 | 140 | [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](http://creativecommons.org/publicdomain/zero/1.0) 141 | 142 | To the extent possible under law, Adel "0x4D31" Karimi has waived all copyright and 143 | related or neighboring rights to this work. 144 | --------------------------------------------------------------------------------