Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/0x4D31/awesome-oscp
A curated list of awesome OSCP resources
https://github.com/0x4D31/awesome-oscp
List: awesome-oscp
awesome-list offensive-security oscp oscp-prep oscp-tools penetration-testing pentest pentesting
Last synced: about 2 months ago
JSON representation
A curated list of awesome OSCP resources
- Host: GitHub
- URL: https://github.com/0x4D31/awesome-oscp
- Owner: 0x4D31
- Created: 2019-02-22T00:33:35.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2024-04-28T13:30:09.000Z (8 months ago)
- Last Synced: 2024-05-23T06:18:56.030Z (7 months ago)
- Topics: awesome-list, offensive-security, oscp, oscp-prep, oscp-tools, penetration-testing, pentest, pentesting
- Size: 33.2 KB
- Stars: 2,441
- Watchers: 90
- Forks: 568
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- ultimate-awesome - awesome-oscp - A curated list of awesome OSCP resources. (Other Lists / PowerShell Lists)
- awesome-hacking-lists - 0x4D31/awesome-oscp - A curated list of awesome OSCP resources (Others)
README
# Awesome OSCP
[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
> A curated list of awesome OSCP resources
## Contents
- [Resources](#resources)
- [OSCP Reviews and Guides](#oscp-reviews-and-guides)
- [Cheatsheets and Scripts](#cheatsheets-and-scripts)
- [Topics](#topics)
- [Buffer Overflow](#buffer-overflow)
- [Privilege Escalation](#privilege-escalation)
- [Active Directory](#Active-Directory)
- [Other OSCP Resources](#other-oscp-resources)
- [Books](#books)
- [License](#license)## Resources
### OSCP Reviews and Guides
- [Official OSCP Certification Exam Guide](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide)
- Luke’s Ultimate OSCP Guide ([Part 1](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440), [Part 2](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-2-workflow-and-documentation-tips-9dd335204a48), [Part 3](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97))
- [How to prepare for PWK/OSCP, a noob-friendly guide](https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob)
- [n3ko1's OSCP Guide](http://www.lucas-bader.com/certification/2015/05/27/oscp-offensive-security-certified-professional)
- [Jan's "Path to OSCP" Videos](https://www.youtube.com/playlist?list=PLyPJ3SHNkjIFITR-Lzsc0XSOBS7JUXsOy)
- [Offensive Security’s PWB and OSCP - My Experience](http://www.securitysift.com/offsec-pwb-oscp/) (+ some scripts)
- [OSCP Lab and Exam Review](https://theslickgeek.com/oscp/)
- [OSCP Preparation Notes](https://www.jpsecnetworks.com/category/oscp/)
- [A Detailed Guide on OSCP Preparation – From Newbie to OSCP](http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/)
- [My Fight for OSCP](https://alphacybersecurity.tech/my-fight-for-the-oscp/)
- [The Ultimate OSCP Preparation Guide](https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/)
- [The Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0](https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html)### Cheatsheets and Scripts
- [Luke's Practical hacking tips and tricks](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97)
- [Penetration Testing Tools Cheat Sheet](https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/)
- [How to Pass OSCP](https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3)
- [Reverse Shell Cheat Sheet](https://highon.coffee/blog/reverse-shell-cheat-sheet/)
- [Reverse Shell Generator](https://www.revshells.com/)
- [7 Linux Shells Using Built-in Tools](https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/)
- [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester)
- [Linux Exploit Suggester](https://github.com/InteliSecureLabs/Linux_Exploit_Suggester)
- [OSCPRepo](https://github.com/rewardone/OSCPRepo)
- [Go-for-OSCP](https://github.com/pythonmaster41/Go-For-OSCP)
- [Pentest Compilation](https://github.com/adon90/pentest_compilation)
- [Collection of OSCP scripts](https://github.com/ihack4falafel/OSCP)### Topics
#### Buffer Overflow
- [Corelan's Exploit writing tutorial part 1 : Stack Based Overflows](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/)
- [Justin's DoStackBufferOverflowGood](https://github.com/justinsteven/dostackbufferoverflowgood)
- [Writing Exploits for Win32 Systems from Scratch](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/)
- [32-Bit Windows Buffer Overflows Made Easy](https://veteransec.com/2018/09/10/32-bit-windows-buffer-overflows-made-easy/)
- [Introduction to Buffer Overflow Video](https://www.youtube.com/watch?v=1S0aBV-Waeo)
- [OverTheWire's Narnia Wargame](http://overthewire.org/wargames/narnia/)#### Privilege Escalation
- [Windows Privilege Escalation Fundamentals](http://www.fuzzysecurity.com/tutorials/16.html)
- [Common Windows Privilege Escalation Vectors](https://toshellandback.com/2015/11/24/ms-priv-esc/)
- [Encyclopaedia Of Windows Privilege Escalation by Brett Moore](https://www.youtube.com/watch?v=kMG8IsCohHA)
- [Level Up! Practical Windows Privilege Escalation by Andrew Smith](https://www.youtube.com/watch?v=PC_iMqiuIRQ)
- [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/)
- [Linux privilege escalation by Jake Williams](https://www.youtube.com/watch?v=dk2wsyFiosg)#### Active-Directory
- [Active Directory Methodology](https://book.hacktricks.xyz/windows/active-directory-methodology)
- [Active Directory Exploitation Cheat Sheet](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet)
- [PayloadsAllTheThings AD](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md)
- [Attacking Active Directory: 0 to 0.9](https://zer1t0.gitlab.io/posts/attacking_ad/)
- [PowerView-3.0 tips and tricks](https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993#file-powerview-3-0-tricks-ps1)##### Hands-On Resources.
- TryHackMe
- [Active Directory Basics](https://tryhackme.com/room/activedirectorybasics) - Easy
- [Post-Exploitation Basics](https://tryhackme.com/room/postexploit) - Easy
- [Vulnnet Roasted](https://tryhackme.com/room/vulnnetroasted) - Easy
- [Attacktive Directory](https://tryhackme.com/room/attacktivedirectory) - Medium
- [raz0r black](https://tryhackme.com/room/raz0rblack) - Medium
- [Enterprise](https://tryhackme.com/room/enterprise) - Medium
- [Vulnnet Active](https://tryhackme.com/room/vulnnetactive) - Medium
- [Zero Logon](https://tryhackme.com/room/zer0logon) - Hard
- [Holo](https://tryhackme.com/room/hololive) - Hard
- [Throwback](https://tryhackme.com/network/throwback) - Easy
- HackTheBox
- [Forest](https://app.hackthebox.com/machines/212) - Easy
- [Active](https://app.hackthebox.com/machines/148) - Easy
- [Fuse](https://app.hackthebox.com/machines/235) - Medium
- [Cascade](https://app.hackthebox.com/machines/235) - Medium
- [Monteverde](https://app.hackthebox.com/machines/223) - Medium
- [Resolute](https://app.hackthebox.com/machines/220) - Medium
- [Arkham](https://app.hackthebox.com/machines/179) - Medium
- [Mantis](https://app.hackthebox.com/machines/98) - Hard
- [APT](https://app.hackthebox.com/machines/296) - Insane
- [Dante](https://app.hackthebox.com/prolabs/overview/dante) - Beginner
- [Offshore](https://app.hackthebox.com/prolabs/overview/offshore) - Intermediate
- [RastaLabs](https://app.hackthebox.com/prolabs/overview/rastalabs) - Intermediate
- [Cybernetics](https://app.hackthebox.com/prolabs/overview/cybernetics) - Advanced
- [APT Labs](https://app.hackthebox.com/prolabs/overview/aptlabs) - Advanced
- HackTheBox Academy ( PAID )
- [Introduction to Active Directory](https://academy.hackthebox.com/module/details/74) - Fundamental
- [ActiveDirectory LDAP](https://academy.hackthebox.com/course/preview/active-directory-ldap) - Medium
- [ActiveDirectory Powerview](https://academy.hackthebox.com/module/details/68) - Medium
- [ActiveDirectory BloodHound](https://academy.hackthebox.com/module/details/69) - Medium
- [ActiveDirectory Enumeration & Attacks](https://academy.hackthebox.com/module/details/143) - Medium
- Proving Grounds
- [PG-Practice](https://portal.offsec.com/labs/practice) ( PAID )
* Hutch
* Heist
* Vault# Other OSCP Resources
- [PWK Syllabus](https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf)
- [OSCP-Prep-Resources](https://github.com/burntmybagel/OSCP-Prep)
- [Offensive Security Bookmarks](https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/)
- [The how to get the OSCP certification wiki](https://www.peerlyst.com/posts/the-how-to-get-the-oscp-certification-wiki-peerlyst)
- [OSCP Goldmine](http://0xc0ffee.io/blog/OSCP-Goldmine)
- [Penetration Testing Study Notes](https://github.com/AnasAboureada/Penetration-Testing-Study-Notes)
- [OSCP-like Vulnhub VMs](https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms)
- [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/)
- [Awesome Penetration Testing](https://github.com/enaqx/awesome-pentest)
- [OSCP Exam Report Template in Markdown](https://github.com/noraj/OSCP-Exam-Report-Template-Markdown)#### Books
- [Penetration Testing: A Hands-on Introduction to Hacking](https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641)
- [The Hacker Playbook 3: Practical Guide to Penetration Testing](https://www.amazon.com.au/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759)
- [RTFM: Red Team Field Manual](https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504)
- [RTFM: Red Team Field Manual v2](https://www.amazon.com/RTFM-Red-Team-Field-Manual/dp/1075091837)
- [The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (2nd Edition)](https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting-ebook/dp/B005LVQA9S)## License
[![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](http://creativecommons.org/publicdomain/zero/1.0)
To the extent possible under law, Adel "0x4D31" Karimi has waived all copyright and
related or neighboring rights to this work.