Introduction to OSCP:
Official overview
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
OSCP exam guide (English) - Offensive Security.pdf
OSCP exam guide (Chinese) - Offensive Security
Some reference material from overseas authors
Other related certifications:
- OSCP: https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
- LPT: https://www.eccouncil.org/programs/licensed-penetration-tester-lpt-master/
- eCPPT: https://www.elearnsecurity.com/certification/ecppt/
- CEH: https://cert.eccouncil.org/certified-ethical-hacker.html
Experiences from the experts
My experience
0xPING
Penetration Testing with Kali (PWK) course and Offensive Security Certified Professional (OSCP) exam review
abatchy
How to prepare for PWK/OSCP, a noob-friendly guide
Jan Wikholm's complete blog record
ALL Videos
OSCP collection on git
The Primal Security Team
Course Review: Penetration Testing with Kali Linux (OSCP)
Julien Ahrens
OSCP Course and Exam Review
Mike Czumak
Offensive Security’s PWB and OSCP — My Experience
leonjza
trying harder oscp and me
Paranoid Ninja
31 days of OSCP Experience
occultsec
The OSCP: A Process Focused Review
tulpa-security
PREP GUIDE FOR OFFSEC’S PWK
Guidebook: tulpa-pwk-prep-guide1.pdf
Jason Bernier
Try Harder! My Penetration Testing with Kali Linux OSCP Review and course/lab experience
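General learning resources:
Kristina, the guru
The consolidated OSCP-PWK-Prep-Resources
Plus the practical material in the two-part content on his blog
OSCP certification notes and tools, fairly recent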
Notes of my Offensive Security Certified Professional (OSCP) study plan
Windows Privilege Escalation Methods for Pentesters: a fairly complete set of privilege escalation methods on Windows
Metasploit Unleashed – Free Ethical Hacking Course
Notes for taking the OSCP in 2097
Related reference books
My roadmap for preparing for OSCP
https://vincentyiu.co.uk/red-team
user-account-control-what-penetration-testers-should-know
Tools used in OSCP:
Scripts:
Utils scripts for various OSCP operations
Windows Privilege Escalation Techniques and Scripts
Windows Privilege Escalation
Blog dedicated to memory overflows
RottenPotato
windows-exploit-suggester.py
windows-exploit-suggester2.py
windows-privesc-check
Windows_Privilege_Escalation.md
Offensive PowerShell for red team
PowerShellMafia/PowerSploit
SecWiki/windows-kernel-exploits
elevating-privileges-to-administrative-and-further
win-priv-check.bat and windows-exploit-suggester.py
windows-privilege-escalation-methods-for-pentesters
ms-priv-esc
privesc-unquoted-service-path
unquoted-service-paths
dll-hijacking-vulnerable-applications
penetration-testing-102-windows-privilege-escalation-cheatsheet
https://www.youtube.com/watch?v=kMG8IsCohHA&feature=youtu.be
https://www.youtube.com/watch?v=PC_iMqiuIRQ
https://www.youtube.com/watch?v=vqfC4gU0SnY
Windows Privilege Escalation Fundamentals
bypassing-uac-with-powershell
Linux Privilege Escalation
unix-privesc-check
Linux Privilege Escalation Scripts
Basic Linux Privilege Escalation
A quick LKM rootkit that executes a reverse TCP netcat shell with root privileges
An example rootkit that gives a userland process root permissions
Some tools && cheat sheet && py && payloads
Collection of things made during my OSCP journey
A tool for fuzzing for ports that allow outgoing connections
ROP Emporium proof of concept exploits
ROPPrimer v2 Proof of Concepts
MSDAT: Microsoft SQL Database Attacking Tool
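This script is based on Mike Czumak's script, but it has been heavily rewritten; some things have been added and others removed. The script was written as preparation for the OSCP exam. It was never meant to be a general-purpose script, so if you want to use it you must make sure to fix all the hardcoded paths. The script is multithreaded and can be run against several hosts at once.
Reference book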
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
Some short notes
The most widely recognized cheat sheet
A few cheat sheets
metasploit-and-meterpreter cheat sheet
SQL Injection Cheat Sheet
Some more cheat sheets
Various Cheatsheets
Various Cheat Sheets 2
Another very good cheat sheet
Progressively enumerate an IP address while you do other things
A collection of tools to help research buffer overflow exploitation for the Offensive Security OSCP certification
Reverse_shell and port_scanner.py
Some scripts for smtp on port 110
These are my notes for OSCP preparation. Hope you'll find them useful
Some miscellaneous scripts, for both Linux and Windows
1518_auto_setup.sh, waf_x-forwarded-for_cmd.sh, 9623_acs_cmd.sh, 39161_privesc.py
snmpwalk -c public -v1 IP oid#
gpp_decrypt.py, windowsprivchecker.ps1
vulnerability-assessment-tools
Some small overflow scripts
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits
LinuxPrivCheck.sh, PortKnocker.sh, CronJobChecker.sh, WinPrivCheck.bat, SQL Injection Cheatsheet
Simple buffer overflow
Converting Metasploit Module to Stand Alone
Spawning a TTY Shell
Creating Metasploit Payloads
NETCAT usage
Port Redirection with Rinetd
Dynamic Port Forwarding (SSH)
Remote Port Forwarding (SSH)
Local Port Forwarding (SSH)
Port Forwarding with Metasploit
Mature, solid tools:
Automated All-in-One OS command injection and exploitation tool
Fast recon scanner and pentest template creator
SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax
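Reconnoitre, a reconnaissance tool made for the OSCP labs that automates information gathering and service enumeration while creating a directory structure to store the results, findings and exploits used for each host, recommended commands to execute, and directory structures for storing loot and flags
Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the open source enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell.
As the name suggests, a virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages
Reporting:
A curated list of public penetration test reports released by several consulting firms and academic security groups
Official report
Recommended online labs: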
https://pentesterlab.com
https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms
https://www.vulnhub.com
https://lab.pentestit.ru
https://www.root-me.org
https://www.virtualhackinglabs.com/
https://attackdefense.com
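This is an original article; copyright belongs to lsh4ck's Blog. Feel free to share it; please retain the source when reposting!
A small question: have you read all of these documents?
@daxinO9 I have read all of the overseas authors' exam-prep articles and write-ups; I have not read all of the technical articles. But if you work in tech you know: you can tell at a glance which techniques you will need along the way, and there is no harm in collecting them.
Thanks to the blogger for compiling and sharing!
What's your email, boss? I'd like to join the group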
@leoroot#lshack.cn