Skip to content
oscp study
PowerShell Python C Shell Perl ASP Other
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
payloads adding opm and cgi payloads Feb 2, 2019
priv_escalation adding PowerUp.ps1 to privesc Apr 10, 2019
recon_scan reverse_shell_cheatsheet Aug 18, 2017
useful_tricks new tricks Jan 25, 2019
webshells adding webshells and privesc scripts Jan 25, 2019
wordlists
xpl adding new xpl Feb 2, 2019
README.md Adding 21y4d notes, very good tool to enumerate Apr 10, 2019

README.md

Oscp study

Notes of my Offensive Security Certified Professional (OSCP) study plan.

Last updated: 2019-04-10

OSCP-like VMs on Vulnhub:

  • Beginner friendly:
    • Kioptrix: Level 1 (#1) [ok]
    • Kioptrix: Level 1.1 (#2) [ok]
    • Kioptrix: Level 1.2 (#3) [ok]
    • Kioptrix: Level 1.3 (#4) [ok]
    • FristiLeaks: 1.3 [ok]
    • Stapler: 1 [ok]
    • PwnLab: init [ok]
    • Pluck: 1 [ok]
    • W1R3S: 1.0.1 [ok]
  • Intermediate:
    • Kioptrix: 2014 [ok]
    • Brainpan: 1 (Part 1 of BO is relevant to OSCP. egghunting is out of scope though)
    • Mr-Robot: 1 [ok]
    • HackLAB: Vulnix [ok]
    • Not so sure (Didn't solve them yet):
    • VulnOS: 2 [ok]
    • SickOs: 1.2 [ok]
    • /dev/random: scream
    • pWnOS: 2.0
    • SkyTower: 1
    • IMF
    • Lord of the Root 1.0.1 [ok]
    • Tr0ll
    • Pegasus
    • SkyTower [ok]
  • Windows
    • Metasploitable 3
    • Bobby: 1 (Uses VulnInjector, need to provide you own ISO and key.)

(credits for @abatchy)

Link to download VMs: http://vulnhub.com

Hackthebox.eu (HTB)

I strongly recommend the boxes on the hackthebox.eu to study for OSCP cert. HTB have a good set of windows boxes to training: Devel, Optimum, Bastard, Grandpa, Blue, Sizzle, Reel.

My hackthebox profile: https://www.hackthebox.eu/profile/5823. Feel free to contact me there :)

PS: It's necessary solve a little "challenge" to obtain the invite.

Recommended books:

Penetration Testing: A Hands-On Introduction to Hacking (+Highly recommended for beginners)
Hacking: The Art of Exploitation, 2nd Edition
Rtfm: Red Team Field Manual
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
The Hacker Playbook: Practical Guide To Penetration Testing

Stack-based buffer overflow links [must-read]:

https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ [Recommended]
http://www.tenouk.com/Bufferoverflowc/Bufferoverflow1.html
https://raw.githubusercontent.com/m0nad/Papers/master/buffer_overflow_iniciantes.txt [PT-BR]

Other interesting links:

https://forum.hackthebox.eu/discussion/1655/oscp-exam-review-2019-notes-gift-inside/p1 [+ EXCELLENT tool from @21y4d to enumeration... I really recommend it :) ]
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ [Linux privilege escalation]
http://www.fuzzysecurity.com/tutorials/16.html [Windows privilege escalation]
http://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob.html
https://www.securitysift.com/offsec-pwb-oscp/ [+Scripts]
http://hackingandsecurity.blogspot.com.br/2016/04/oscp-related-notes.html
http://rtfm-ctf.org/2017/PWN-PATH-TO-OSCP
http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html [RECOMMENDED reading]
https://tulpa-security.com/2016/09/19/prep-guide-for-offsecs-pwk/

My write-ups

Kioptrix level 1
Kioptrix level 1.1
Kioptrix level 1.2

You can’t perform that action at this time.