A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
Clone or download

README.md

OSCP-Prep

I created this repo as a resource for people wanting to learn more about penetration testing. Whether you are looking at getting into the into the information security field, preparing for the Penetration Testing with Kali Linux course, studying for OSCP exam, or just needing a refresher. Here you will find information I’ve gathered from a number of resources on various topics. Please let me know if anything is incorrect, or if there is something you would like to see.

Formats: OneNote, Word, and PDF

Outline:

  1. Introduction - Fundamentals and basics of different topics like networking, databases, web applications, commands, etc.
  • Windows
  • Linux
  • Networking
  • Web Application Basics
  • Services and Ports
  • File Transfers
  • Python Fundamentals
  • C# Fundamentals
  • TCPdump
  • Powershell
  • Wireshark
  • Packet Crafting Tools
  • FTP
  • SQL
  • YouTube Playlist
  1. Databases
  • SQL
  • IIS
  • IIS Web Server
  • MySQL
  1. Kali Tools
  • IP Tables
  • Tools
  • Bettercap
  • Masscan
  • SQL Injection Tools
  • Mimikatz
  • Wordlists
  • SecLists
  • Arp-scan
  • Dmitry
  • Dnsmap
  • DNSRecon
  • Dnswalk
  • dotDotPwn
  • Enum4Linux
  • GoLismero
  • Ident-user-enum
  • Nikto
  • Nmap
  • Recon-ng
  • SMBMap
  • Smtp-user-enum
  • Snmp-check
  • Sparta
  • SSLyze
  • theHarvester
  • Unicornscan
  • Openvas
  • Oscanner
  • Armitage
  • BeEF
  • Exploitdb
  • Maltego
  • Metasploit
  • Dirb
  • DirBuster
  • Gobuster
  • W3af
  • WebSlayer
  • WhatWeb
  • WPScan
  • XSSer
  • Bettercap
  • Ncat
  • Weevely
  1. Penetration Testing Methodology
  • SANS Penetration Testing
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • Penetration Testing Methodologies and Standards(PTES)
  • NIST 800-15
  • OWASP Testing Guide
  • Pen Testing Framework
  1. Planning and Scope
  • Planning
  • Scope
  • Intel Gathering
  • Network Topology
  1. Recon, Scanning, Enumeration
  • Recon
    • DNS
    • Whois
    • Social Media
    • Web Search
    • GHDB / Google
    • Nslookup
    • Shodan
  • Recon-ng
  • Passive Scanning
  • Active Scanning
  • Enumeration, Enumeration, Enumeration!
  • Web Applications
  • SQL
  • Network
  • Services and Ports
  • Commands
  • SMB
  • FTP
  • SSH
  • SNMP
  • SMTP
  • Other
  • TCP Dump
  • Cheatsheets and Checklists
  • Firewalls and AV Evasion
  1. Exploitation
  • Introduction
  • Searching for Vulnerabilities
    • Searchsploit
    • Exploit-db
  • Vulnerabilities Analysis
  • Editing and Fixing Vulnerabilities
  • Fuzzing
  • Shells
  • Metasploit Framework
  • Exploit Format
  • Writing an Exploit
  • Other
  1. Post Exploitation
  • Introduction
  • Privilege Escalation
    • Windows
    • Linux
  • Transferring Files
  • Pivoting
  • Tunneling
  • Passing the Hash
  • Port Forwarding
  • Metasploit
  • Pilfer and Plunder
  1. Web Application
  • Introduction/Overview
    • Glossary of Terms
  • OWASP
  • Basics of Web Application Penetration Testing
  • Web Application Services
  • Tools
  • What to use and when
  • Burp Suite (And Extensions)
  • OWASP ZAP
  • XSS
  • SQL Injection
  • CSRF
  • Directory Indexing
  • Directory Traversal/Path Traversal
  • SQL Injection
  • Cookies and Manipulate Sessions
  • Security Misconfigurations
  • Redirects and Forwards
  • Bypassing Authorization
  • Sensitive Data Exposure
  • Token Generation and Manipulation
  • Hidden Form Fields
  • Code Injection
  • OS Command Injection
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Log Analysis
  • HTTPonly Cookie
  • W3af
  • SQLMap Commands and Examples
  • SQL Injection Tools
  • More Attack Examples and How To
  • More Attacks
  1. Web Application Vulnerabilities
  • Buffer Overflow
  • CRLF Injection
  • Cross Site Scripting Flaw
  • CSV Injection
  • Deserialization of Untrusted Data
  • Directory Restriction Error
  • Heartbleed Bug
  • Improper Data Validation
  • Insecure Transport
  • Memory Leak
  • Missing Error Handling
  • Missing XML Validation
  • .NET Vulnerability Research
  • Password Plaintext Storage
  • PHP File Inclusion
  • PHP Objection Injection
  • Session Variable Overloading
  • Undefined Behavior
  • XML External Entity
  • Configuration Vulnerability
  • Error Handling Vulnerability
  • General Logic Vulnerability
  • Input Validation Vulnerability
  • Path Vulnerability
  • Session Management Vulnerability
  1. Report Preparation and Notes
  • Report Content
  • Information
  • Reporting Tools
    • Cherrytree
    • Dradis
    • agicTree
    • Metagoofil
  • Common Problems in Report Writing
  • Note Taking Tips and Tools
  • Templates
  1. Walkthroughs
  • Jerry
  • Nightmare
  • Waldo
  • Active
  • Hawk
  • Tartar Sauce
  • Bastard
  • Dropzone
  • Bounty
  • DevOops
  • Olympus
  • Sunday
  • Gemini Inc 2
  • Canape
  • Stratosphere
  • Celestial
  • Minon
  • Holiday
  • Silo
  • Bart
  • Valentine
  • Ariekei
  • Cronos
  • Beep
  • Legacy
  • Sense
  • Solid State
  • Apocalyst
  • Mirai
  • Blue
  • Lame
  • Blocky
  • Kioptrix
  • pWnOs
  • Xeres – Vulnhub
  • Fulcrum
  • Posion
  • Aragog
  • Tally
  • Grandpa/Grandma
  • Mr. Robot
  • TrOll – Vulnhub
  • Temple of Doom – Vulnhub
  • Bulldog – Vulnhub
  • Brainpan – Vulnhub
  • Lazy
  • OWASP Mantra Browser
  1. Tools
  • Reconnoitre
  • Bloodhound
  • Responder
  • VHostScan
  • Vanquish
  • Rapidscan
  • Rpivot
  • SILENTTRINITY
  • CyberChef
  • Nishang
  • DNSStuff
  • Veil Evasion
  1. Password Attacks
  • Password Cracking Tools
  • Other Password Tools
  • User and Password Lists
  1. Python Scripts
  • Useful scripts
  1. Resources
  • Blogs
  • Walkthroughs
  • Github Repositories
  • Subreddits
  • Useful Reddit Posts
  • Twitter
  • Books
  • Other
    • Tmux and Terminator