Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/CyberSecurityUP/OSCE3-Complete-Guide

OSWE, OSEP, OSED, OSEE
https://github.com/CyberSecurityUP/OSCE3-Complete-Guide

Last synced: 4 days ago
JSON representation

OSWE, OSEP, OSED, OSEE

Awesome Lists containing this project

README

        

# OSCE³ and OSEE Study Guide [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

## OSWE

### Content

- Web security tools and methodologies
- Source code analysis
- Persistent cross-site scripting
- Session hijacking
- .NET deserialization
- Remote code execution
- Blind SQL injections
- Data exfiltration
- Bypassing file upload restrictions and file extension filters
- PHP type juggling with loose comparisons
- PostgreSQL Extension and User Defined Functions
- Bypassing REGEX restrictions
- Magic hashes
- Bypassing character restrictions
- UDF reverse shells
- PostgreSQL large objects
- DOM-based cross site scripting (black box)
- Server side template injection
- Weak random token generation
- XML External Entity Injection
- RCE via database Functions
- OS Command Injection via WebSockets (BlackBox)

### Study Materials
1. [timip-GitHub](https://github.com/timip/OSWE)- Reference guide
2. [noraj-GitHub](https://github.com/noraj/AWAE-OSWE) - Reference guide
3. [wetw0rk-Github](https://github.com/wetw0rk/AWAE-PREP) - Reference guide
4. [kajalNair-Github](https://github.com/kajalNair/OSWE-Prep) - Reference guide
5. [s0j0hn-Github](https://github.com/s0j0hn/AWAE-OSWE-Prep) - Reference guide
6. [deletehead-Github](https://github.com/deletehead/awae_oswe_prep) - Reference guide
7. [z-r0crypt](https://z-r0crypt.github.io/blog/2020/01/22/oswe/awae-preparation/) - Reference guide
8. [rayhan0x01](https://rayhan0x01.github.io/web/2021/04/12/awae-web-300-oswe-guide-2021.html) - Reference guide
9. [Nathan-Rague](https://hub.schellman.com/blog/oswe-review-and-exam-preparation-guide) - Reference guide
10. [Joas Content](https://drive.google.com/file/d/1bASc-SLmuD0tXmd88h0QclRSpUu_rvnF/view?usp=sharing) - Reference guide
11. [Lawlez-Github](https://github.com/Lawlez/myOSWE) - Reference guide
12. [0xb120](https://github.com/0xb120/cheatsheets_and_ctf-notes/blob/main/OSWE%20preparation.md) - Reference Guide
13. [Jaelkoh](https://infosec.jaelkoh.com/2024/my-first-year-in-infosec-zero-to-osce3)

### Vulnerabilities

1. [XXE Injection](https://www.hackingarticles.in/comprehensive-guide-on-xxe-injection/)
2. [CSRF](https://www.hackingarticles.in/understanding-the-csrf-vulnerability-a-beginners-guide/)
3. [Cross-Site Scripting Exploitation](https://www.hackingarticles.in/cross-site-scripting-exploitation/)
4. [Cross-Site Scripting (XSS)](https://www.hackingarticles.in/comprehensive-guide-on-cross-site-scripting-xss/)
5. [Unrestricted File Upload](https://www.hackingarticles.in/comprehensive-guide-on-unrestricted-file-upload/)
6. [Open Redirect](https://www.hackingarticles.in/comprehensive-guide-on-open-redirect/)
7. [Remote File Inclusion (RFI)](https://www.hackingarticles.in/comprehensive-guide-to-remote-file-inclusion-rfi/)
8. [HTML Injection](https://www.hackingarticles.in/comprehensive-guide-on-html-injection/)
9. [Path Traversal](https://www.hackingarticles.in/comprehensive-guide-on-path-traversal/)
10. [Broken Authentication & Session Management](https://www.hackingarticles.in/comprehensive-guide-on-broken-authentication-session-management/)
11. [OS Command Injection](https://www.hackingarticles.in/comprehensive-guide-on-os-command-injection/)
12. [Multiple Ways to Banner Grabbing](https://www.hackingarticles.in/multiple-ways-to-banner-grabbing/)
13. [Local File Inclusion (LFI)](https://www.hackingarticles.in/comprehensive-guide-to-local-file-inclusion/)
14. [Netcat for Pentester](https://www.hackingarticles.in/netcat-for-pentester/)
15. [WPScan:WordPress Pentesting Framework](https://www.hackingarticles.in/wpscanwordpress-pentesting-framework/)
16. [WordPress Pentest Lab Setup in Multiple Ways](https://www.hackingarticles.in/wordpress-pentest-lab-setup-in-multiple-ways/)
17. [Multiple Ways to Crack WordPress login](https://www.hackingarticles.in/multiple-ways-to-crack-wordpress-login/)
18. [Web Application Pentest Lab Setup on AWS](https://www.hackingarticles.in/web-application-pentest-lab-setup-on-aws)
19. [Web Application Lab Setup on Windows](https://www.hackingarticles.in/web-application-lab-setup-on-windows/)
20. [Web Application Pentest Lab setup Using Docker](https://www.hackingarticles.in/web-application-pentest-lab-setup-using-docker/)
21. [Web Shells Penetration Testing](https://www.hackingarticles.in/web-shells-penetration-testing/)
22. [SMTP Log Poisoning](https://www.hackingarticles.in/smtp-log-poisioning-through-lfi-to-remote-code-exceution/)
23. [HTTP Authentication](https://www.hackingarticles.in/multiple-ways-to-exploiting-http-authentication/)
24. [Understanding the HTTP Protocol](https://www.hackingarticles.in/understanding-http-protocol/)
25. [Broken Authentication & Session Management](https://www.hackingarticles.in/comprehensive-guide-on-broken-authentication-session-management/)
26. [Apache Log Poisoning through LFI](https://www.hackingarticles.in/apache-log-poisoning-through-lfi/)
27. [Beginner’s Guide to SQL Injection (Part 1)](https://www.hackingarticles.in/beginner-guide-sql-injection-part-1/)
28. [Boolean Based](https://www.hackingarticles.in/beginner-guide-sql-injection-boolean-based-part-2/)
29. [How to Bypass SQL Injection Filter](https://www.hackingarticles.in/bypass-filter-sql-injection-manually/)
30. [Form Based SQL Injection](https://www.hackingarticles.in/form-based-sql-injection-manually/)
31. [Dumping Database using Outfile](https://www.hackingarticles.in/dumping-database-using-outfile/)
32. [IDOR](https://www.hackingarticles.in/beginner-guide-insecure-direct-object-references/)

### Reviews

1. [OSWE Review](https://www.helviojunior.com.br/it/oswe-uma-historia-de-insucessos/) - Portuguese Content
2. [0xklaue](https://0xklaue.medium.com/attacking-the-web-the-offensive-security-way-b38bea609318)
3. [greenwolf security](https://medium.com/greenwolf-security/an-awae-oswe-review-2020-update-6d6ec7a80c1f)
4. [Cristian R](https://securitygrind.com/the-oswe-in-review/)
5. [21y4d](https://forum.hackthebox.eu/discussion/2646/oswe-exam-review-2020-notes-gifts-inside) - Exam Reviews
6. [Marcin Szydlowski](https://infosecwriteups.com/awae-oswe-review-from-a-non-developer-perspective-2c2842cfbd4d)
7. [Nathan Rague](https://hub.schellman.com/blog/oswe-review-and-exam-preparation-guide)
8. [Elias Dimopoulos](https://www.linkedin.com/pulse/awaeoswe-2020-expected-review-elias-dimopoulos/)
9. [OSWE Review - Tips & Tricks](https://www.youtube.com/watch?v=ElZ7fFE9Gr4) - OSWE Review - Tips & Tricks
10. [Alex-labs](https://alex-labs.com/my-awae-review-becoming-an-oswe/)
11. [niebardzo Github](https://niebardzo.github.io/2021-01-12-oswe-review/) - Exam Review
12. [Marcus Aurelius](https://stacktrac3.co/oswe-review-awae-course/)
13. [yakuhito](https://blog.kuhi.to/offsec-awae-oswe-review)
14. [donavan.sg](https://donavan.sg/blog/index.php/2020/03/14/the-awae-oswe-journey-a-review/)
15. [Alexei Kojenov](https://kojenov.com/2020-04-08-oswe-review/)
16. [(OSWE)-Journey & Review](https://www.youtube.com/watch?v=wDev3q8lADE) - Offensive Security Web Expert (OSWE) - Journey & Review
17. [Patryk Bogusz](https://niebardzo.github.io/2021-01-12-oswe-review/)
18. [svdwi GitHub](https://github.com/svdwi/OSWE-Labs-Poc) - OSWE Labs POC
19. [Werebug.com ](https://werebug.com/journal/oswe/osep/2021/08/05/oswe-and-osep-obtained-what-next.html) - OSWE and OSEP
20. [jvesiluoma](https://www.vesiluoma.com/offensive-security-web-expert-oswe-advanced-web-attacks-and-exploitation/)
21. [ApexPredator](https://github.com/ApexPredator-InfoSec/AWAE-OSWE)
22. [Thomas Peterson](https://tpetersonkth.github.io/2022/04/16/OSWE-Review.html)
23. [NOH4TS](https://n0h4ts.medium.com/how-i-pass-oswe-on-the-first-try-2022-92ffaee1e636)
24. [Alex](https://alex-labs.com/my-awae-review-becoming-an-oswe/)
25. [RCESecurity](https://www.rcesecurity.com/2022/04/AWAE-Course-and-OSWE-Exam-Review/)
26. [Dhakal](https://dhakal-ananda.com.np/non-technical/2023/02/09/oswe-journey.html)
27. [Karol Mazurek](https://karol-mazurek95.medium.com/oswe-preparation-5d2d5f0e2cba)
28. [4PFSec](https://4pfsec.com/oswe)
29. [Cobalt.io](https://www.cobalt.io/blog/awae-oswe-for-humans)
30. [hakansonay](https://hakansonay.medium.com/the-oswe-review-and-exam-preparation-guide-e37886046b23)
31. [Jake Mayhew](https://medium.com/@jake.mayhew/web-300-oswe-review-offsec-web-expert-46074fbdb237)
32. [Organic Security](https://www.organicsecurity.in/2024/01/oswe-by-offsec-detailed-review.html)
33. [Bitten Tech](https://www.youtube.com/watch?v=k1NExrTNfks)

### Extra Content

1. [OSWE labs](https://www.youtube.com/watch?v=F46tQww_IvE) - OSWE labs and exam's review/guide
2. [HTB Machine](https://www.youtube.com/watch?v=NMGsnPSm8iw&list=PLidcsTyj9JXKTnpphkJ310PVVGF-GuZA0)
3. [Deserialization](https://www.youtube.com/watch?v=t-zVC-CxYjw&list=PLL5n_4gj5JCw1aRrlVbdMCAugNz-ia3Wh)
7. [B1twis3](https://medium.com/@fasthm00/the-state-of-oswe-c68150210fe4)
9. [jangelesg GitHub](https://github.com/jangelesg/AWAE-OSWE)
10. [rootshooter](https://github.com/rootshooter/oswe-prep-2022)
11. [svdwi](https://github.com/svdwi/OSWE-Labs-Poc)

## OSEP

### Content

- Operating System and Programming Theory
- Client Side Code Execution With Office
- Client Side Code Execution With Jscript
- Process Injection and Migration
- Introduction to Antivirus Evasion
- Advanced Antivirus Evasion
- Application Whitelisting
- Bypassing Network Filters
- Linux Post-Exploitation
- Kiosk Breakouts
- Windows Credentials
- Windows Lateral Movement
- Linux Lateral Movement
- Microsoft SQL Attacks
- Active Directory Exploitation
- Combining the Pieces
- Trying Harder: The Labs

### Study Materials

- [OSEP Code Snippets](https://github.com/chvancooten/OSEP-Code-Snippets)
- [Experienced Pentester OSEP](https://github.com/nullg0re/Experienced-Pentester-OSEP)
- [OSEP Pre](https://github.com/r0r0x-xx/OSEP-Pre)
- [PEN 300 OSEP Prep](https://github.com/deletehead/pen_300_osep_prep)
- [OSEP Thoughts](https://github.com/J3rryBl4nks/OSEP-Thoughts)
- [OSEP Code Snippets README](https://github.com/chvancooten/OSEP-Code-Snippets/blob/main/README.md)
- [Osep](https://github.com/aldanabae/Osep)
- [Google Drive File](https://drive.google.com/file/d/1znezUNtghkcFhwfKMZmeyNrtdbwBXRsz/view?usp=sharing)
- [Awesome Red Team Operations](https://github.com/CyberSecurityUP/Awesome-Red-Team-Operations)
- [OSEP Study Guide 2022 - João Paulo de Andrade Filho](https://www.linkedin.com/pulse/osep-study-guide-2022-jo%C3%A3o-paulo-de-andrade-filho/)
- [OSEP PREP Useful Resources Payloads](https://github.com/Ross46/OSEP-PREP/blob/main/Useful%20Resources/Payloads.md)
- [OSEP in3x0rab13](https://github.com/In3x0rabl3/OSEP)

### Reviews

- [nullg0re](https://nullg0re.com/?p=113)
- [SpaceRaccoon Dev](https://spaceraccoon.dev/offensive-security-experienced-penetration-tester-osep-review-and-exam)
- [HackSouth YouTube](https://www.youtube.com/watch?v=fA3pkNcGpH0&ab_channel=HackSouth)
- [Schellman](https://www.schellman.com/blog/osep-and-pen-300-course-review)
- [Cinzinga](https://cinzinga.com/OSEP-PEN-300-Review/)
- [YouTube iUPyiJbN4l4](https://www.youtube.com/watch?v=iUPyiJbN4l4)
- [BorderGate](https://www.bordergate.co.uk/offensive-security-experienced-penetration-tester-osep-review/)
- [Reddit OSEP Review](https://www.reddit.com/r/osep/comments/ldhc20/osep_review/)
- [Reddit OSCP Review](https://www.reddit.com/r/oscp/comments/jj0sr9/offensive_security_experienced_penetration_tester/)
- [Purpl3F0xSecur1ty](https://www.purpl3f0xsecur1ty.tech/2021/03/18/osep.html)
- [MakoSecBlog](https://makosecblog.com/miscellaneous/osep-course-review/)
- [YouTube iUPyiJbN4l4](https://www.youtube.com/watch?v=iUPyiJbN4l4&t=1s)
- [YouTube 15sv5eZ0oCM](https://www.youtube.com/watch?v=15sv5eZ0oCM)
- [YouTube 0n3Li63PwnQ](https://www.youtube.com/watch?v=0n3Li63PwnQ)
- [YouTube BWNzB1wIEQ](https://www.youtube.com/watch?v=BWNzB1wIEQ)
- [SpaceRaccoon Dev](https://spaceraccoon.dev/offensive-security-experienced-penetration-tester-osep-review-and-exam)
- [Cas van Cooten](https://casvancooten.com/posts/2021/03/getting-the-osep-certification-evasion-techniques-and-breaching-defenses-pen-300-course-review/)
- [BorderGate](https://www.bordergate.co.uk/offensive-security-experienced-penetration-tester-osep-review/)
- [MakoSecBlog](https://makosecblog.com/miscellaneous/osep-course-review/)
- [David Lebr1 GitBook](https://davidlebr1.gitbook.io/infosec/blog/osep-review)
- [Offensive Security](https://www.offensive-security.com/offsec/pen300-approach-review/)
- [João Paulo de Andrade Filho LinkedIn](https://www.linkedin.com/pulse/osep-study-guide-2022-jo%C3%A3o-paulo-de-andrade-filho/)
- [YouTube R1apMwbVuDs](https://www.youtube.com/watch?v=R1apMwbVuDs)
- [YouTube iUPyiJbN4l4](https://www.youtube.com/watch?v=iUPyiJbN4l4)
- [Cristian Cornea Medium](https://corneacristian.medium.com/tips-for-offensive-security-experienced-penetration-tester-osep-certification-92f3801428c3)
- [Security Boulevard](https://securityboulevard.com/2023/05/osep-review/)
- [YouTube R1apMwbVuDs](https://www.youtube.com/watch?v=R1apMwbVuDs&ab_channel=Conda)
- [Fluid Attacks](https://fluidattacks.com/blog/osep-review/)
- [Heartburn.dev](https://heartburn.dev/osep-review-2021-offensive-security-experienced-pentester/)
- [YouTube FVZkVZKIyOA](https://www.youtube.com/watch?v=FVZkVZKIyOA&ab_channel=FantasM)
- [RootJaxk](https://rootjaxk.github.io/posts/OSEP/)
- [Dhruvagoyal](https://dhruvagoyal.medium.com/cracking-the-osep-exam-a-48-hour-marathon-to-victory-c0021cd15c3c)
- [IT Security Labs](https://www.youtube.com/watch?v=5SEgaUhVCcE)
- [Benjamen Lim](https://westsideelectronics.com/osep-in-2024/)
- [Marmeus](https://marmeus.com/post/OSEP)
- [Winslow](https://winslow1984.com/books/notes-beK/page/backup-osep-and-oswe-review)
- [Jakob Bo Moller](https://www.linkedin.com/pulse/my-osep-experience-jakob-bo-m%C3%B8ller-0taze/)
- [swzhouu](https://medium.com/secure-d/offsec-experienced-penetration-tester-osep-2024-review-9183343d7453)

### Labs

- [SpaceRaccoon Dev - OSEP Review and Exam](https://spaceraccoon.dev/offensive-security-experienced-penetration-tester-osep-review-and-exam)
- [Exploit-DB - Evasion Techniques Breaching Defenses](https://www.exploit-db.com/evasion-techniques-breaching-defenses)
- [OSCP Exam Report Template Markdown](https://noraj.github.io/OSCP-Exam-Report-Template-Markdown/)
- [Offensive Security - OSEP Exam FAQ](https://help.offensive-security.com/hc/en-us/articles/360049781352-OSEP-Exam-FAQ)
- [CyberEagle - OSEP Review](https://www.cybereagle.io/blog/osep-review/)
- [PentestLab - Defense Evasion](https://pentestlab.blog/category/red-team/defense-evasion/)
- [PentestLab - Antivirus Evasion](https://pentestlab.blog/tag/antivirus-evasion/)
- [PentestLaboratories - Process Herpaderping Windows Defender Evasion](https://pentestlaboratories.com/2021/01/18/process-herpaderping-windows-defender-evasion/)
- [YouTube - PentesterAcademyTV](https://www.youtube.com/watch?v=dS0GcSA7kEw&ab_channel=PentesterAcademyTV)
- [YouTube - PacktVideo](https://www.youtube.com/watch?v=cqxOS9uQL_c&ab_channel=PacktVideo)
- [YouTube - PentesterAcademyTV](https://www.youtube.com/watch?v=ZaJpDeLvo6I&ab_channel=PentesterAcademyTV)
- [GitHub - In3x0rabl3/OSEP](https://github.com/In3x0rabl3/OSEP)
- [GitHub - timip/OSEP](https://github.com/timip/OSEP)

## OSED

### Content

- WinDbg tutorial
- Stack buffer overflows
- Exploiting SEH overflows
- Intro to IDA Pro
- Overcoming space restrictions: Egghunters
- Shellcode from scratch
- Reverse-engineering bugs
- Stack overflows and DEP/ASLR bypass
- Format string specifier attacks
- Custom ROP chains and ROP payload decoders

### Study Materials

- [snoopysecurity - OSCE Prep](https://github.com/snoopysecurity/OSCE-Prep)
- [epi052 - OSED Scripts](https://github.com/epi052/osed-scripts)
- [Exploit-DB - Windows User Mode Exploit Development](https://www.exploit-db.com/windows-user-mode-exploit-development)
- [r0r0x-xx - OSED Pre](https://github.com/r0r0x-xx/OSED-Pre)
- [sradley - OSED](https://github.com/sradley/osed)
- [Nero22k - Exploit Development](https://github.com/Nero22k/Exploit_Development)
- [YouTube - 7PMw9GIb8Zs](https://www.youtube.com/watch?v=7PMw9GIb8Zs)
- [YouTube - FH1KptfPLKo](https://www.youtube.com/watch?v=FH1KptfPLKo)
- [YouTube - sOMmzUuwtmc](https://www.youtube.com/watch?v=sOMmzUuwtmc)
- [ExploitLab Blog](https://blog.exploitlab.net/)
- [Azeria Labs - Heap Exploit Development Part 1](https://azeria-labs.com/heap-exploit-development-part-1/)
- [ZeroKnights - Getting Started Exploit Lab](http://zeroknights.com/getting-started-exploit-lab/)
- [Google Drive File 1](https://drive.google.com/file/d/1poocO7AOMyBQBtDXvoaZ2dgkq3Zf1Wlb/view?usp=sharing)
- [Google Drive File 2](https://drive.google.com/file/d/1qPPs8DHbeJ6YIIjbsC-ZPMajUeSfXw6N/view?usp=sharing)
- [Google Drive File 3](https://drive.google.com/file/d/1RdkhmTIvD6H4uTNxWL4FCKISgVUbaupL/view?usp=sharing)
- [Corelan - Exploit Writing Tutorial Part 1: Stack Based Overflows](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/)
- [wtsxDev - Exploit Development](https://github.com/wtsxDev/Exploit-Development/blob/master/README.md)
- [corelan - Corelan Training](https://github.com/corelan/CorelanTraining)
- [subat0mik - Journey to OSCE](https://github.com/subat0mik/Journey_to_OSCE)
- [nanotechz9l - Corelan Exploit Tutorial Part 1: Stack Based Overflows](https://github.com/nanotechz9l/Corelan-Exploit-tutorial-part-1-Stack-Based-Overflows/blob/master/3%20eip_crash.rb)
- [snoopysecurity - OSCE Prep](https://github.com/snoopysecurity/OSCE-Prep)
- [bigb0sss - OSCE](https://github.com/bigb0sss/OSCE)
- [epi052 - OSCE Exam Practice](https://github.com/epi052/OSCE-exam-practice)
- [mdisec - OSCE Preparation](https://github.com/mdisec/osce-preparation)
- [mohitkhemchandani - OSCE BIBLE](https://github.com/mohitkhemchandani/OSCE_BIBLE)
- [FULLSHADE - OSCE](https://github.com/FULLSHADE/OSCE)
- [areyou1or0 - OSCE Exploit Development](https://github.com/areyou1or0/OSCE-Exploit-Development)
- [securityELI - CTP OSCE](https://github.com/securityELI/CTP-OSCE)
- [Google Drive File 4](https://drive.google.com/file/d/1MH9Tv-YTUVrqgLT3qJDBl8Ww09UyF2Xc/view?usp=sharing)
- [Coalfire Blog - The Basics of Exploit Development](https://www.coalfire.com/the-coalfire-blog/january-2020/the-basics-of-exploit-development-1)
- [Connor McGarr - Browser Exploit](https://connormcgarr.github.io/browser1/)
- [KaliTut - Exploit Development Resources](https://kalitut.com/exploit-development-resources/)
- [0xZ0F - Z0FCourse Exploit Development](https://github.com/0xZ0F/Z0FCourse_ExploitDevelopment)
- [dest-3 - OSED Resources](https://github.com/dest-3/OSED_Resources)
- [Infosec Institute - Python for Exploit Development](https://resources.infosecinstitute.com/topic/python-for-exploit-development-common-vulnerabilities-and-exploits/)
- [Anitian - A Study in Exploit Development Part 1: Setup and Proof of Concept](https://www.anitian.com/a-study-in-exploit-development-part-1-setup-and-proof-of-concept/)
- [Sam's Class - WWC 2014](https://samsclass.info/127/127_WWC_2014.shtml)
- [Stack Overflow - Exploit Development in Python 3](https://stackoverflow.com/questions/42615124/exploit-development-in-python-3)
- [CTF Writeups - Converting Metasploit Modules to Python](https://cd6629.gitbook.io/ctfwriteups/converting-metasploit-modules-to-python)
- [PacktPub - Networking and Servers](https://subscription.packtpub.com/book/networking_and_servers/9781785282324/8)
- [Cybrary - Exploit Development Part 5](https://www.cybrary.it/video/exploit-development-part-5/)
- [SpaceRaccoon - ROP and Roll EXP-301 Offensive Security Exploit Development (OSED) Review](https://spaceraccoon.dev/rop-and-roll-exp-301-offensive-security-exploit-development-osed-review-an)
- [Offensive Security - OSED Exam Guide](https://help.offensive-security.com/hc/en-us/articles/360052977212-OSED-Exam-Guide)
- [epi052 - OSED Scripts](https://github.com/epi052/osed-scripts)
- [YouTube - 0n3Li63PwnQ](https://www.youtube.com/watch?v=0n3Li63PwnQ)
- [epi052 - Windows Usermode Exploit Development Review](https://epi052.gitlab.io/notes-to-self/blog/2021-06-16-windows-usermode-exploit-development-review/)
- [PythonRepo - epi052 OSED Scripts](https://pythonrepo.com/repo/epi052-osed-scripts)
- [dhn - OSEE](https://github.com/dhn/OSEE)
- [PythonRepo - epi052 OSED Scripts](https://pythonrepo.com/repo/epi052-osed-scripts)
- [nop-tech - OSED](https://github.com/nop-tech/OSED)
- [Ired Team - ROP Chaining Return Oriented Programming](https://www.ired.team/offensive-security/code-injection-process-injection/binary-exploitation/rop-chaining-return-oriented-programming)
- [InfoSec Writeups - ROP Chains on ARM](https://infosecwriteups.com/rop-chains-on-arm-3f087a95381e)
- [YouTube - 8zRoMAkGYQE](https://www.youtube.com/watch?v=8zRoMAkGYQE)
- [Infosec Institute - Return Oriented Programming ROP Attacks](https://resources.infosecinstitute.com/topic/return-oriented-programming-rop-attacks/)
- [dest-3 - OSED Resources](https://github.com/dest-3/OSED_Resources)
- [mrtouch93 - OSED Notes](https://github.com/mrtouch93/OSED-Notes)
- [wry4n - OSED Scripts](https://github.com/wry4n/osed-scripts)
- [r0r0x-xx - OSED Pre](https://github.com/r0r0x-xx/OSED-Pre)

### Reviews

- [YouTube - aWHL9hIKTCA](https://www.youtube.com/watch?v=aWHL9hIKTCA)
- [YouTube - 62mWZ1xd8eM](https://www.youtube.com/watch?v=62mWZ1xd8eM)
- [ihack4falafel - Offensive Security AWEOSEE Review](https://ihack4falafel.github.io/Offensive-Security-AWEOSEE-Review/)
- [LinkedIn - Advanced Windows Exploitation (OSEE) Review - Etizaz Mohsin](https://www.linkedin.com/pulse/advanced-windows-exploitation-osee-review-etizaz-mohsin-/)
- [Animal0day - Reviews for OSCP, OSCE, OSEE, and Corelan](https://animal0day.blogspot.com/2018/11/reviews-for-oscp-osce-osee-and-corelan.html)
- [AddaxSoft - Offensive Security Advanced Windows Exploitation (AWE/OSEE) Review](https://addaxsoft.com/blog/offensive-security-advanced-windows-exploitation-awe-osee-review/)
- [jhalon - OSCE Review](https://jhalon.github.io/OSCE-Review/)
- [YouTube - NAe6f1_XG6Q](https://www.youtube.com/watch?v=NAe6f1_XG6Q)
- [SpaceRaccoon - ROP and Roll EXP-301 Offensive Security Exploit Development (OSED) Review](https://spaceraccoon.dev/rop-and-roll-exp-301-offensive-security-exploit-development-osed-review-and)
- [kuhi.to - OFFSEC EXP301 OSED Review](https://blog.kuhi.to/offsec-exp301-osed-review)
- [epi052 - Windows Usermode Exploit Development Review](https://epi052.gitlab.io/notes-to-self/blog/2021-06-16-windows-usermode-exploit-development-review/)
- [SpaceRaccoon - ROP and Roll EXP-301 Offensive Security Exploit Development (OSED) Review](https://spaceraccoon.dev/rop-and-roll-exp-301-offensive-security-exploit-development-osed-review-and/)
- [YouTube - NAe6f1_XG6Q](https://www.youtube.com/watch?v=NAe6f1_XG6Q)
- [LinkedIn - Offensive Security Certified Expert 3 (OSCE3) - Cristian Cornea](https://www.linkedin.com/posts/cristian-cornea-b37005178_offensive-security-certified-expert-3-osce3-activity-7006233011746709505-1WCG/)
- [NOP Blog - OSED](https://nop-blog.tech/blog/osed/)
- [Deep Hacking - OSED Review](https://deephacking.tech/osed-review/)

### Labs

- [CyberSecurityUP - Buffer Overflow Labs](https://github.com/CyberSecurityUP/Buffer-Overflow-Labs)
- [ihack4falafel - OSCE](https://github.com/ihack4falafel/OSCE)
- [nathunandwani - CTP OSCE](https://github.com/nathunandwani/ctp-osce)
- [sufyandaredevil - OSED - Exploiting SEH Overflows](https://github.com/sufyandaredevil/OSED/blob/main/03_exploiting_seh_overflows.md)
- [firmianay - Life-long Learner - SEED Labs - Buffer Overflow Vulnerability Lab](https://github.com/firmianay/Life-long-Learner/blob/master/SEED-labs/buffer-overflow-vulnerability-lab.md)
- [wadejason - Buffer Overflow Vulnerability Lab](https://github.com/wadejason/Buffer-Overflow-Vulnerability-Lab)
- [Jeffery-Liu - Buffer Overflow Vulnerability Lab](https://github.com/Jeffery-Liu/Buffer-Overflow-Vulnerability-Lab)
- [mutianxu - SEED LAB - Buffer Overflow Attack](https://github.com/mutianxu/SEED-LAB-Bufferoverflow_attack)
- [INE - Windows Exploit Development](https://my.ine.com/CyberSecurity/courses/54819bbb/windows-exploit-development)
- [Connor McGarr - Browser Exploit](https://connormcgarr.github.io/browser1/)
- [Coalfire Blog - The Basics of Exploit Development](https://www.coalfire.com/the-coalfire-blog/january-2020/the-basics-of-exploit-development-1)
- [Pentest Magazine - Exploit Development Windows](https://pentestmag.com/product/exploit-development-windows-w38/)
- [Steflan Security - Complete Guide to Stack Buffer Overflow (OSCP)](https://steflan-security.com/complete-guide-to-stack-buffer-overflow-oscp/#:~:text=Stack%20buffer%20overflow%20is%20a,of%20the%20intended%20data%20structure)
- [Offensive Security - EVOCAM Remote Buffer Overflow on OSX](https://www.offensive-security.com/vulndev/evocam-remote-buffer-overflow-on-osx/)
- [Exploit-DB - Exploit 42928](https://www.exploit-db.com/exploits/42928)
- [Exploit-DB - Exploit 10434](https://www.exploit-db.com/exploits/10434)
- [OCW CS PUB RO - Lab 08](https://ocw.cs.pub.ro/courses/cns/labs/lab-08)
- [epi052 - OSED Scripts](https://github.com/epi052/osed-scripts)

## OSEE

### Content

- Bypass and evasion of user mode security mitigations such as DEP, ASLR, CFG, ACG and CET
- Advanced heap manipulations to obtain code execution along with guest-to-host and sandbox escapes
- Disarming WDEG mitigations and creating version independence for weaponization
- 64-Bit Windows Kernel Driver reverse engineering and vulnerability discovery
- Bypass of kernel mode security mitigations such as kASLR, NX, SMEP, SMAP, kCFG and HVCI

### Study Materials

- https://www.linkedin.com/pulse/advanced-windows-exploitation-osee-review-etizaz-mohsin-/
- https://www.crowdstrike.com/blog/state-of-exploit-development-part-2/
- https://www.youtube.com/watch?v=pH6qocUEor0&ab_channel=BlackHat
- https://github.com/nccgroup/exploit_mitigations/blob/master/windows_mitigations.md
- https://hack.technoherder.com/sandbox-escapes/
- https://www.youtube.com/watch?v=LUH6ZxYNJFg&ab_channel=ZeroDayInitiative
- https://www.youtube.com/watch?v=NDuWcGn5hTQ&ab_channel=ZeroDayInitiative
- https://www.youtube.com/watch?v=p0OaGMlBb2k&ab_channel=BlackHat
- https://github.com/MorteNoir1/virtualbox_e1000_0day
- https://blog.palantir.com/assessing-the-effectiveness-of-a-new-security-data-source-windows-defender-exploit-guard-860b69db2ad2
- https://github.com/palantir/exploitguard
- https://github.com/microsoft/Windows-classic-samples
- https://github.com/SofianeHamlaoui/Pentest-Notes/blob/master/offensive-security/code-injection-process-injection/how-to-hook-windows-api-using-c%2B%2B.md
- https://github.com/ndeepak-zzzz/Windows-API-with-Python
- https://int0x33.medium.com/day-59-windows-api-for-pentesting-part-1-178c6ba280cb

### Reviews

- https://ihack4falafel.github.io/Offensive-Security-AWEOSEE-Review/
- https://www.richardosgood.com/posts/advanced-windows-exploitation-review/
- https://www.youtube.com/watch?v=srJ1ICC4ON8&ab_channel=DavidAlvesWeb
- https://medium.com/@0xInyiak/my-offensive-security-journey-part-1-5ffbd66fe0c2

### Labs

- https://github.com/BLACKHAT-SSG/EXP-401-OSEE
- https://github.com/timip/OSEE
- https://github.com/dhn/OSEE
- https://github.com/orangice/AWE-OSEE-Prep
- https://github.com/matthiaskonrath/AWE-OSEE-Prep
- https://github.com/ihack4falafel/OSEE
- https://github.com/gscamelo/OSEE
- https://github.com/w4fz5uck5/3XPL01t5

## Social Network

### [Joas Antonio - Linkedin](https://www.linkedin.com/in/joas-antonio-dos-santos)
### [CyberSceurityUP- GitHub](https://github.com/CyberSecurityUP)
### [C0d3Cr4zy - Twitter](https://twitter.com/C0d3Cr4zy)

### [Filipi Pires - Linkedin](https://www.linkedin.com/in/filipipires/)
### [Filipi Pires - GitHub](https://github.com/filipi86)
### [Filipi Pires - Twitter](https://twitter.com/FilipiPires)