Dragon
admin  2019-02-12 01:09  Source: lsh4ck's Blog

OSCP overview:

Official overview

https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/

OSCP exam guide (English) - Offensive Security.pdf
OSCP exam guide (Chinese) - Offensive Security
Reference material from some foreign authors

Other related certifications:

  • OSCP: https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
  • LPT: https://www.eccouncil.org/programs/licensed-penetration-tester-lpt-master/
  • eCPPT: https://www.elearnsecurity.com/certification/ecppt/
  • CEH: https://cert.eccouncil.org/certified-ethical-hacker.html

Experiences from veterans

OSCP certification tutorial, episode 1: registration tutorial

OSCP certification 01: setting out on the journey (same as above)

0xPING
Review of the Penetration Testing with Kali (PWK) course and the Offensive Security Certified Professional (OSCP) exam

f4l13n5n0w
Experience sharing: OSCP penetration testing certification

Experience from an expert on Xianzhi

abatchy
How to prepare for PWK/OSCP, a noob-friendly guide

Jan Wikholm's complete blog record
ALL Videos
OSCP collection on git

OJ'S PERSPECTIVE
oscp-and-m

The Primal Security Team
Course Review: Penetration Testing with Kali Linux (OSCP)

Julien Ahrens
OSCP Course and Exam Review

Mike Czumak
Offensive Security’s PWB and OSCP — My Experience

leonjza
trying harder oscp and me

Adam Brown
My OSCP Experience

Paranoid Ninja
31 days of OSCP Experience

occultsec
The OSCP: A Process Focused Review

Exam discussion forum

jpsecnetworks
Complete study notes

tulpa-security
PREP GUIDE FOR OFFSEC’S PWK
Guide book: tulpa-pwk-prep-guide1.pdf

Jason Bernier
Try Harder! My Penetration Testing with Kali Linux OSCP Review and course/lab experience

securitychops
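OSCE experience

LEWIS SECURITY
OSCP journey

General learning resources:

Free online courses

A foreign expert specializing in Windows privilege escalation

RustyShackleford221's OSCP-Prep

A very good resource compilation

Kali study notes (Chinese)
Also available here

A very comprehensive penetration testing wiki by a foreign expert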

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' Keepnote. Reconscan in scripts folder

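Kristina (expert)
Consolidated OSCP-PWK-Prep-Resources
Plus the useful material from two parts of his blog

OSCP certification notes and tools (fairly recent)

Getting a shell via LFI

General material, a bit of everything

OSCP preparation guide for buffer overflows using Python

Notes of my Offensive Security Certified Professional (OSCP) study plan

A fairly complete process guide, with scripts, reports, methodology, etc.

A website full of tips and cheat sheets

Windows Privilege Escalation Methods for Pentesters: fairly complete privilege escalation methods for Windows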

Metasploit Unleashed – Free Ethical Hacking Course

SQL Injection Wiki

Notes for taking the OSCP in 2097
Related reference books

My roadmap for preparing for OSCP

Detailed ncat usage manual

https://vincentyiu.co.uk/red-team

One site that covers injection

total-oscp-guide

pWnOS 2.0 target machine walkthrough

Writing Shellcode to a File

oscp-useful-links

Fuzz FTP Commands

Fuzz Username / Password

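LINUX PRIVILEGE ESCALATION guide

Understanding nmap through packet captures

Assorted web penetration testing material

A very capable hackthebox player

Summary of penetration testing by port

hackthebox-youtube-ippsec

user-account-control-what-penetration-testers-should-know

Tools used in OSCP:

Scripts: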

Utils scripts for various OSCP operations

Windows Privilege Escalation Techniques and Scripts

linux-exploit-suggester

kernel-exploits

Videos on privilege escalation with msf

Privilege escalation video 1

Privilege escalation video 2

download/linuxprivchecker.py

Windows Privilege Escalation

Blog dedicated to memory overflows
RottenPotato
windows-exploit-suggester.py
windows-exploit-suggester2.py
windows-privesc-check
Windows_Privilege_Escalation.md
Offensive PowerShell for red team
PowerShellMafia/PowerSploit
SecWiki/windows-kernel-exploits
elevating-privileges-to-administrative-and-further
win-priv-check.bat and windows-exploit-suggester.py
windows-privilege-escalation-methods-for-pentesters
ms-priv-esc
privesc-unquoted-service-path
unquoted-service-paths
dll-hijacking-vulnerable-applications
penetration-testing-102-windows-privilege-escalation-cheatsheet
https://www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
https://www.youtube.com/watch?v=PC_iMqiuIRQ
https://www.youtube.com/watch?v=vqfC4gU0SnY
Windows Privilege Escalation Fundamentals
bypassing-uac-with-powershell

Linux Privilege Escalation

unix-privesc-check
Linux Privilege Escalation Scripts
Basic Linux Privilege Escalation
A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges
An example rootkit that gives a userland process root permissions

Some tools && cheat sheet && py && payloads

Collection of things made during my OSCP journey
A tool for fuzzing for ports that allow outgoing connections
ROP Emporium proof of concept exploits
ROPPrimer v2 Proof of Concepts
MSDAT: Microsoft SQL Database Attacking Tool
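This script is based on Mike Czumak's script, but it has been heavily rewritten; some things have been added and others removed. The script was written as preparation for the OSCP exam. It was never meant to be a general-purpose script, so if you want to use it you must make sure to fix all the hardcoded paths. The script is multithreaded and can be run against several hosts at the same time.
Reference books
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
Some brief notes
The most widely recognized cheat sheet
A few cheat sheets
metasploit-and-meterpreter cheat sheet
SQL Injection Cheat Sheet
Still more cheat sheets
Assorted Cheatsheets
Assorted Cheat Sheets 2
Another very good cheat sheet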
Progressively enumerate an IP address while you do other things
A collection of tools to help research buffer overflow exploitation for the Offensive Security OSCP certification
Reverse_shell and port_scanner.py
Some scripts for smtp on port 110
These are my notes for OSCP preparation. Hope you'll find them useful
Some miscellaneous scripts, for both linux and win
1518_auto_setup.sh, waf_x-forwarded-for_cmd.sh, 9623_acs_cmd.sh, 39161_privesc.py
snmpwalk -c public -v1 IP oid#
gpp_decrypt.py, windowsprivchecker.ps1
vulnerability-assessment-tools
Some small overflow scripts
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits
LinuxPrivCheck.sh, PortKnocker.sh, CronJobChecker.sh, WinPrivCheck.bat, SQL Injection Cheatsheet
Simple buffer overflow
Converting Metasploit Module to Stand Alone
Spawning a TTY Shell
Creating Metasploit Payloads
NETCAT usage
Port Redirection with Rinetd
Dynamic Port Forwarding (SSH)
Remote Port Forwarding (SSH)
Local Port Forwarding (SSH)
Port Forwarding with Metasploit

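Good mature tools:

Automated All-in-One OS command injection and exploitation tool
Fast reconnaissance scanner and pentest template creator
SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax
Reconnoitre, a reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration while creating a directory structure to store the results, findings and exploits used for each host, recommended commands to execute, and directory structures for storing loot and flags
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the open source enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell.
As the name suggests, a virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages

Reporting:

A curated list of public penetration test reports released by several consulting firms and academic security groups
Official report

Recommended online labs: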

https://pentesterlab.com

https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms

https://www.vulnhub.com

https://lab.pentestit.ru

https://www.root-me.org

https://www.virtualhackinglabs.com/

https://attackdefense.com


admin, last edited: 2019-04-15


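  1. daxinO9

    A small question: have you read all of these documents?

    • admin (blog owner)

      @daxinO9 I have read all of the foreign authors' exam-prep articles and write-ups; I have not read all of the technical articles, but as you know if you do technical work, you can tell at a glance which techniques will be needed along the way, and there is no harm in collecting them.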
