Awesome OSCP

A curated list of awesome OSCP resources

Contents

• Resources
  • OSCP Reviews and Guides
  • Cheatsheets and Scripts
  • Topics
    • Buffer Overflow
    • Privilege Escalation
    • Active Directory
  • Other OSCP Resources
    • Books
• License

Resources

OSCP Reviews and Guides

• Official OSCP Certification Exam Guide
• Luke’s Ultimate OSCP Guide (Part 1, Part 2, Part 3)
• How to prepare for PWK/OSCP, a noob-friendly guide
• n3ko1's OSCP Guide
• Jan's "Path to OSCP" Videos
• Offensive Security’s PWB and OSCP - My Experience (+ some scripts)
• OSCP Lab and Exam Review
• OSCP Preparation Notes
• A Detailed Guide on OSCP Preparation – From Newbie to OSCP
• My Fight for OSCP
• The Ultimate OSCP Preparation Guide
• The Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0

Cheatsheets and Scripts

• Luke's Practical hacking tips and tricks
• Penetration Testing Tools Cheat Sheet
• How to Pass OSCP
• Reverse Shell Cheat Sheet
• Reverse Shell Generator
• 7 Linux Shells Using Built-in Tools
• Windows Exploit Suggester
• Linux Exploit Suggester
• OSCPRepo
• Go-for-OSCP
• Pentest Compilation
• Collection of OSCP scripts

Topics

Buffer Overflow

• Corelan's Exploit writing tutorial part 1 : Stack Based Overflows
• Justin's DoStackBufferOverflowGood
• Writing Exploits for Win32 Systems from Scratch
• 32-Bit Windows Buffer Overflows Made Easy
• Introduction to Buffer Overflow Video
• OverTheWire's Narnia Wargame

Privilege Escalation

• Windows Privilege Escalation Fundamentals
• Common Windows Privilege Escalation Vectors
• Encyclopaedia Of Windows Privilege Escalation by Brett Moore
• Level Up! Practical Windows Privilege Escalation by Andrew Smith
• Basic Linux Privilege Escalation
• Linux privilege escalation by Jake Williams

Active-Directory

• Active Directory Methodology
• Active Directory Exploitation Cheat Sheet
• PayloadsAllTheThings AD
• Attacking Active Directory: 0 to 0.9
• PowerView-3.0 tips and tricks

Hands-On Resources.

• TryHackMe
  • Active Directory Basics - Easy
  • Post-Exploitation Basics - Easy
  • Vulnnet Roasted - Easy
  • Attacktive Directory - Medium
  • raz0r black - Medium
  • Enterprise - Medium
  • Vulnnet Active - Medium
  • Zero Logon - Hard
  • Holo - Hard
  • Throwback - Easy
• HackTheBox
  • Forest - Easy
  • Active - Easy
  • Fuse - Medium
  • Cascade - Medium
  • Monteverde - Medium
  • Resolute - Medium
  • Arkham - Medium
  • Mantis - Hard
  • APT - Insane
  • Dante - Beginner
  • Offshore - Intermediate
  • RastaLabs - Intermediate
  • Cybernetics - Advanced
  • APT Labs - Advanced
• HackTheBox Academy ( PAID )
  • Introduction to Active Directory - Fundamental
  • ActiveDirectory LDAP - Medium
  • ActiveDirectory Powerview - Medium
  • ActiveDirectory BloodHound - Medium
  • ActiveDirectory Enumeration & Attacks - Medium
• Proving Grounds
  • PG-Practice ( PAID )
    • Hutch
    • Heist
    • Vault

Other OSCP Resources

• PWK Syllabus
• OSCP-Prep-Resources
• Offensive Security Bookmarks
• The how to get the OSCP certification wiki
• OSCP Goldmine
• Penetration Testing Study Notes
• OSCP-like Vulnhub VMs
• Metasploit Unleashed
• Awesome Penetration Testing
• OSCP Exam Report Template in Markdown

Books

• Penetration Testing: A Hands-on Introduction to Hacking
• The Hacker Playbook 3: Practical Guide to Penetration Testing
• RTFM: Red Team Field Manual
• RTFM: Red Team Field Manual v2
• The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (2nd Edition)

License

To the extent possible under law, Adel "0x4D31" Karimi has waived all copyright and related or neighboring rights to this work.