OSCP- One Page Repository¶
Hello Everyone. This is the one page repository for OSCP learners.¶
1. Kali Linux Basic knowledge¶
2. Learn Basics Bash Scripting and Python Language¶
3. Recon: Learn about network reconnaissance¶
4. Vulnerable Machines¶
Now move to vulnerable machines. There are two main websites for practice on vulnerable machines.
Hackthebox machines and Vulnhub Machines. There are multiples infosec guys who has written blogs related to these machines for community. First thing you need to do, read blogs for 5 machine and try to understand the approach for start on these machines.
TjNull has shared a list which has OSCP related boxes.
Vulnhub List
Hackthebox List
5. Public Exploits¶
Most of the time in OSCP you will need to use a public exploit on your target to see if you can obtain a shell on it. With that exploit you may need to modify shellcode or even parts of the exploit to match with your system to obtain a connection from your target.
SearchSploit - Offline kali Database - https://www.exploit-db.com/searchsploit
6. File Transfer¶
There are multiple ways to transfer the files from attacker system to target system.
Windows¶
- VBS Script
- SMB Server
- HTTP Server
- FTP Server
- TFTP Server
- Powershell
- Debug.exe
- Certutil
Linux¶
- Python Server
- Curl
- Wget
- Netcat
- FTP
- PHP
- SCP - SSH
7. Privilege Escalation¶
-
For Practice on Local Machine:
-
Windows Privilege Escalation
-
Linux Privilege Escalation
8. Web App Vulnerabilities¶
- Vulnerable Application for Practice:
- Metasploitable 2
- BWAPP
- Multidae
9. Buffer Overflow¶
- Exploiting Simple Buffer Overflow on Win 32 https://www.pentesteracademy.com/course?id=13
- For Practice:-
- Windows Binaries (Recommend that you run these on Windows 7/XP 32 bit):
10 Pivoting & Port Forwarding¶
Youtube Channels for OSCP related HTB Boxes writeups¶
HTB Boxes to Prepare for OSCP (Youtube Playlist): https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf
- Windows Privilege Escalation
- Winpeas
- Powerup
- Sharpup
- Seatbelt
-
Windows Priv checker
-
Linux Privilege Escalation
- Linux smart enumeration
- Pspy64
- Linpeas
- Lpe
- Linux Exploit Suggester
- Beroot
- Bashark
- Linux priv checker
- Password Cracking
- Online Tools for Password Cracking:
- Wordlists:
- In Kali: /usr/share/wordlists
- Seclists: apt-get install seclists You can find all of his password lists here: https://github.com/danielmiessler/SecLists/tree/master/Passwords
- Online Password Crackers: