@chrisolsen
Last active July 17, 2023 03:48
Zero to OSCP: Concise Edition

https://medium.com/@1chidan/zero-to-oscp-concise-edition-b5ecd4a781c3

PWK Preparation

Buffer Overflows

PWK Course

  • https://forums.offensive-security.com/
    • Find g0tmilk’s guide to ‘alpha’ on the student forums.
    • Read it.
    • Read it again.
    • Read between the lines. (hint: methodology)
    • Read it and hack along.
    • Go over your notes, try ‘beta’ and then move on to whatever other low-hanging fruit you can find.
  • https://github.com/samratashok/nishang
  • https://netsec.ws/?p=337
  • https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
  • http://www.fuzzysecurity.com/tutorials/16.html
    • windows-exploit-suggester.py is a great tool that takes a text file dump of the ‘systeminfo’ command output and returns public exploits and Metasploit modules that could lead to elevation of privileges. It produces a lot of false positives, but I’ve gotten lucky a few times by working through its suggestions.
    • wes.py is the ‘next generation’ of Windows exploit suggester that works much like its unofficial predecessor, but has better support for post-Windows Vista era machines. You can also pass flags to specifically filter out privilege escalation vulnerabilities with known public exploits.
    • jaws-enum.ps1, or Just Another Windows (Enum) Script, is another PowerShell script that allows users to quickly identify privilege escalation vectors. Again, it is quite verbose in output, but learn to parse it quickly and see what jumps out.
    • PowerUp.ps1 is a PowerShell script that checks for ‘common Windows privilege escalation vectors that rely on misconfigurations’. It’s not a catch-all by any means, but I’ve had success using it.
  • https://highon.coffee/blog/reverse-shell-cheat-sheet/
  • https://github.com/SecWiki/windows-kernel-exploits

OSCP Exam

  • https://support.offensive-security.com/oscp-exam-guide/
  • https://www.hackthebox.eu/
  • https://www.youtube.com/ippsec
  • https://github.com/21y4d/nmapAutomator
