austinsonger / oscp Goto Github PK
View Code? Open in Web Editor NEWTracking my journey towards earning my OSCP. This includes the process of everything that I learn along the way.
oscp's Issues
Boolean Logical Operations
Security Headers Scanner and SSL Server Test, Pastebin
Information Gathering Frameworks
- OSINT Framework
- Maltego
Wireshark
- Wireshark Basics
- Launching Wireshark
- Capture Filters
- Display Filters
- Following TCP Streams
Know Your Target
- Passive Client Information Gathering
- Active Client Information Gathering
Buffer Overflow Walkthrough
- Sample Vulnerable Code
- Introducing the Immunity Debugger
- Navigating Code
- Overflowing the Buffer
- Exercises
Vulnerability Scanning with Nessus
- Installing Nessus
- Defining Targets
- Configuring Scan Definitions
- Unauthenticated Scanning With Nessus
- Authenticated Scanning With Nessus
- Scanning with Individual Nessus Plugins
Comparing Files
- comm
- diff
- vimdiff
Managing Processes
- Backgrounding Processes (bg)
- Jobs Control: jobs and fg
- Process Control: ps and kill
Fixing Memory Corruption Exploits
- Overview and Considerations
- Importing and Examining the Exploit
- Cross-Compiling Exploit Code
- Changing the Socket Information
- Changing the Return Address
- Changing the Payload
- Changing the Overflow Buffer
Web Application Enumeration
- Inspecting URLs
- Inspecting Page Content
- Viewing Response Headers
- Inspecting Sitemaps
- Locating Administration Consoles
Locating Public Exploits
- A Word of Caution
- Searching for Exploits
SOCAT
- Netcat vs Socat
- Socat File Transfers
- Socat Reverse Shells
- Socat Encrypted Bind Shells
Fixing Web Exploits
- Considerations and Overview
- Selecting the Vulnerability
- Changing Connectivity Information
- Troubleshooting the “index out of range” Error
TcpDump
- Filtering Traffic
- Advanced Header Filtering
Recon-ng and Shodan
Exploiting Microsoft Office
- Installing Microsoft Office
- Microsoft Word Macro
- Object Linking and Embedding
- Evading Protected View
NFS Enumeration
- Scanning for NFS Shares
- Nmap NFS NSE Scripts
DNS Enumeration
- Interacting with a DNS Server
- Automating Lookups
- Forward Lookup Brute Force
- Reverse Lookup Brute Force
- DNS Zone Transfers
- Relevant Tools in Kali Linux
Downloading Files
- wget
- curl
- axel
Linux Buffer Overflows
- About DEP, ASLR, and Canaries
- Replicating the Crash
- Controlling EIP
- Locating Space for Our Shellcode
- Checking for Bad Characters
- Finding a Return Address
- Getting a Shell
Considerations and Preparations
- Dangers of Transferring Attack Tools
- Installing Pure-FTPd
- The Non-Interactive Shell
Methods of Detecting Malicious Code
- Signature-Based Detection
- Heuristic and Behavioral-Based Detection
Stackover Flow
Loops
- For Loops
- While Loops
Exploiting Web-based Vulnerabilities
- Exploiting Admin Consoles
- Cross-Site Scripting (XSS)
- Directory Traversal Vulnerabilities
- File Inclusion Vulnerabilities
- SQL Injection
SMTP Enumeration
Customizing the Bash Environment
- Bash History Customization
- Alias
- Persistent Bash Customization
Netcat
- Connecting to a TCP/UDP Port
- Listening on a TCP/UDP Port
- Transferring Files with Netcat
- Remote Administration with Netcat
User Information Gathering
- Email Harvesting
- Password Dumps
Introduction to the x Architecture
- Program Memory
- CPU Registers
Social Media Tools
- Site-Specific Tools
File and Command Monitoring
- tail
- watch
SNMP Enumeration
- The SNMP MIB Tree
- Scanning for SNMP
- Windows SNMP Enumeration Example
Variables
- Arguments
- Reading User Input
Transferring Files with Windows Hosts
- Non-Interactive FTP Download
- Windows Downloads Using Scripting Languages
- Windows Downloads with exe2hex and PowerShell
- Windows Uploads Using Windows Scripting Languages
- Uploading Files with TFTP
Win Buffer Overflow Exploitation
- A Word About DEP, ASLR, and CFG
- Replicating the Crash
- Controlling EIP
- Locating Space for Our Shellcode
- Checking for Bad Characters
- Redirecting the Execution Flow
- Finding a Return Address
- Generating Shellcode with Metasploit
- Getting a Shell
- Improving the Exploit
Text Searching and Manipulation
- grep
- sed
- cut
- awk
Web Application Assessment Tools
- DIRB
- Burp Suite
- Nikto
Functions
Piping and Redirection
- Redirecting to a New File
- Redirecting to an Existing File
- Redirecting from a File
- Redirecting STDERR
- Piping
Port Scanning
- TCP / UDP Scanning
- Port Scanning with Nmap
- Masscan
Netcraft and Google Hacking
Website Recon and Whois Enumeration
The Bash Environment
- Environment Variables
- Tab Completion
- Bash History Tricks
Leveraging HTML Applications
- Exploring HTML Applications
- HTA Attack in Action
Discovering the Vulnerability
- Fuzzing the HTTP Protocol
SMB Enumeration
- Scanning for the NetBIOS Service
- Nmap SMB NSE Scripts
If, Else, Elif Statements
PowerShell and Powercat
- PowerShell File Transfers
- PowerShell Reverse Shells
- PowerShell Bind Shells
- Powercat
- Powercat File Transfers
- Powercat Reverse Shells
- Powercat Bind Shells
- Powercat Stand-Alone Payloads
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.