This repository serves as a comprehensive compilation of notes and commands assembled during preparation for the Offensive Security Certified Professional (OSCP) certification, specifically the PEN-200 course taken in 2025.
The purpose of this cheatsheet is to provide a structured and concise reference to aid in the understanding and execution of various penetration testing techniques covered in the OSCP curriculum.
- Penetration Testing with Kali Linux: General Course Information
- Introduction To Cybersecurity
- Effective Learning Strategies
- Report Writing for Penetration Testers
- Information Gathering
- [Vulnerability Scanning]
- Vulnerability Scanning Theory
- Vulnerability Scanning with Nessus
- [Vulnerability Scanning with Nmap]
- NSE Vulnerability Scripts.md
- [Working with NSE Scripts.md]
- Introduction to Web Application Attacks
- [Common Web Application Attacks]
- [Directory Traversal]
- Absolute vs Relative Paths
- Identifying and Exploiting Directory Traversals
- [Encoding Special Characters]
- [File Inclusion Vulnerabilities]
- [File Upload Vulnerabilities]
- [Command Injection]
- [SQL Injection Attacks]
- [Phishing Basics]
- [Client-side Attacks]
- [Locating Public Exploits]
- [Fixing Exploits]
- [Antivirus Evasion]
- [Password Attacks]
- [Windows Privilege Escalation]
- [Linux Privilege Escalation]
- [Port Redirection and SSH Tunneling]
- [Tunneling Through Deep Packet Inspection]
- [The Metasploit Framework]
- [Active Directory Introduction and Enumeration]
- [Attacking Active Directory Authentication]
- [Lateral Movement in Active Directory]
- [Enumerating AWS Cloud Infrastructure]
- [Attacking AWS Cloud Infrastructure]
- [Assembling the Pieces]