[
  {
    "path": "README.md",
    "content": "# OSCP-PWK-Prep-Resources-\nUPDATE 06/01/2020: Hey there friends, I have been very quiet on here, I was surprised to see more people have starred this \"guide\" more than I expected, so I am glad this provides some use to folks. I do plan on being more active now on here now as I start my OSCP jouney once again. Unfortunately I underestimated the depth of the course and so pretty much found myself struggling in the labs =(. During my time away I have been doing some background studying but not as focused as I want to be before signing up for the lab again. My goal was to actually start again this summer but 2 things occured, Offsec updated the labs and now if I want the updated material AND additional lab time I am looking at spending $999 so I have some $$$ to save. The 2nd delay is because of covid-19, I am blessed to still be working currently but we have idea if things will take a turn so for now I am holding on tight to my purse strings lol. Once I have a better cushion for myself I will feel comfortable dropping $999. During my time away I did sign up for eLearnsecurity PTS course, its an introductory course so does not go that much into depth but I am really enjoying and the content is really high quality, its around $400 which isnt cheap in my expensive but is not as bad as other certification courses. I plan on being more productive and transparent during my go around this time, I may do some videos when I start the course again but for now I will just be updating my github.io blog. \n\nA list of the resources I have been using as I prepare for the exam\n\nUpdate: changed wording so that it didnt seem like I already have the certification. My exam is scheduled for the end of December. I also have some more resources that I have found helpful since the last update. I will be adding those sometime this week\n\n  # OSCP Experience\nThis are the blogs I have found that have given me a good direction to start as I prepared for the course\n\nhttps://www.hacksplaining.com/\n\nhttp://www.abatchy.com/search/label/OSCP%20Prep\n\nhttp://www.techexams.net/forums/security-certifications/113355-list-recent-oscp-threads.html\n\nhttp://www.jasonbernier.com/oscp-review/\n\nhttps://localhost.exposed/path-to-oscp/\n\nhttps://pinboard.in/u:unfo/t:oscp\n\n# The Basics - Start Here\nthese are the resources I used to get more comfortable with linux, scripting, TCP/IP, etc. I recommend starting with these especially if you dont have much/any experience\n\nhttps://pentesterlab.com/bootcamp\n\nhttp://www.penguintutor.com/linux/basic-network-reference\n\nhttps://www.cybrary.it/course/advanced-penetration-testing/\n\nhttps://tulpasecurity.files.wordpress.com/2016/09/tulpa-pwk-prep-guide1.pdf\n\n# Metasploit \nalthough it has been said that Metasploit use is limited during the exam, Offensive Security recommends getting more familiar with Metasploit. I have been going through the metasploit unleashed course its really good info, i would be suprised if I dont have to come back to this repeatedly\n\nhttps://www.offensive-security.com/metasploit-unleashed/\n\nhttps://community.rapid7.com/community/metasploit/blog/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3\n\n# Linux Exploitation\n\nhttps://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/\n\nPrivilege Escalation - Linux\n\nhttps://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/\n\n# TCPDump\n\nhttps://danielmiessler.com/study/tcpdump/\n\n# Buffer Overflows\n\nhttps://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481\n\nhttps://www.exploit-db.com/docs/28475.pdf\n\n# Enumeration\n\nhttps://hackercool.com/2016/07/smb-enumeration-with-kali-linux-enum4linuxacccheck-smbmap/\n\nhttps://null-byte.wonderhowto.com/how-to/hack-like-pro-reconnaissance-with-recon-ng-part-1-getting-started-0169854/\n\nhttp://0daysecurity.com/penetration-testing/enumeration.html\n\n# Cheat Sheets for All the Things!!!!!!!\n\nhttps://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf\n\nhttps://highon.coffee/blog/nmap-cheat-sheet/\n\nhttp://www.cheat-sheets.org/saved-copy/Notepad++_Cheat_Sheet.pdf\n\nhttp://www.isical.ac.in/~pdslab/2016/lectures/bash_cheat_sheet.pdf\n\nhttp://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet\n\nhttps://www.sans.org/security-resources/GoogleCheatSheet.pdf\n\nhttps://www.tunnelsup.com/python-cheat-sheet/\n\nhttps://www.tunnelsup.com/metasploit-cheat-sheet/\n\n# Reverse and Bind Shell tutorials\n\nhttp://resources.infosecinstitute.com/icmp-reverse-shell/#gref\n\n# Text Editor Cheat Sheets\n\nhttps://vim.rtorr.com/ - Vim\n\n"
  },
  {
    "path": "Useful Commands.md",
    "content": "Commands/tools I have been using frequently\n\n# NMAP \n\nNmap UDP scan ```nmap <IP> -sU```\n\nOutput the nmap scan in 3 major formats ```nmap <IP> -oA filename```\n\nnmap scan to do service and OS detection and scan all ports ```nmap -p- -SV -A <IP>```\n\n[https://www.stationx.net/nmap-cheat-sheet/]\n\n[https://highon.coffee/blog/nmap-cheat-sheet/]\n\n# Nikto\n\n```nikto -h <IP>```\n\n# Directories of interest (linux)\nDigital ocean has become my favorite resource for learning about Linux, straight to the point and easy to understand.\n\n```/etc/```\n\n```/etc/passwd```\n\n```/etc/fstab```\n\n```/etc/hosts```\n\n```/etc/init.d```\n\n```/usr/sbin```\n\n[https://www.digitalocean.com/community/tutorials/how-to-use-passwd-and-adduser-to-manage-passwords-on-a-linux-vps]\n\ndisplay the first few lines of a file ```head file.txt```\ndisplay the last few lines of a file ```tail file.txt```\n"
  }
]