Repository: burntmybagel/OSCP-Prep Branch: master Commit: ab4d086e17c4 Files: 2 Total size: 5.3 KB Directory structure: gitextract_6mv9i_dw/ ├── README.md └── Useful Commands.md ================================================ FILE CONTENTS ================================================ ================================================ FILE: README.md ================================================ # OSCP-PWK-Prep-Resources- UPDATE 06/01/2020: Hey there friends, I have been very quiet on here, I was surprised to see more people have starred this "guide" more than I expected, so I am glad this provides some use to folks. I do plan on being more active now on here now as I start my OSCP jouney once again. Unfortunately I underestimated the depth of the course and so pretty much found myself struggling in the labs =(. During my time away I have been doing some background studying but not as focused as I want to be before signing up for the lab again. My goal was to actually start again this summer but 2 things occured, Offsec updated the labs and now if I want the updated material AND additional lab time I am looking at spending $999 so I have some $$$ to save. The 2nd delay is because of covid-19, I am blessed to still be working currently but we have idea if things will take a turn so for now I am holding on tight to my purse strings lol. Once I have a better cushion for myself I will feel comfortable dropping $999. During my time away I did sign up for eLearnsecurity PTS course, its an introductory course so does not go that much into depth but I am really enjoying and the content is really high quality, its around $400 which isnt cheap in my expensive but is not as bad as other certification courses. I plan on being more productive and transparent during my go around this time, I may do some videos when I start the course again but for now I will just be updating my github.io blog. A list of the resources I have been using as I prepare for the exam Update: changed wording so that it didnt seem like I already have the certification. My exam is scheduled for the end of December. I also have some more resources that I have found helpful since the last update. I will be adding those sometime this week # OSCP Experience This are the blogs I have found that have given me a good direction to start as I prepared for the course https://www.hacksplaining.com/ http://www.abatchy.com/search/label/OSCP%20Prep http://www.techexams.net/forums/security-certifications/113355-list-recent-oscp-threads.html http://www.jasonbernier.com/oscp-review/ https://localhost.exposed/path-to-oscp/ https://pinboard.in/u:unfo/t:oscp # The Basics - Start Here these are the resources I used to get more comfortable with linux, scripting, TCP/IP, etc. I recommend starting with these especially if you dont have much/any experience https://pentesterlab.com/bootcamp http://www.penguintutor.com/linux/basic-network-reference https://www.cybrary.it/course/advanced-penetration-testing/ https://tulpasecurity.files.wordpress.com/2016/09/tulpa-pwk-prep-guide1.pdf # Metasploit although it has been said that Metasploit use is limited during the exam, Offensive Security recommends getting more familiar with Metasploit. I have been going through the metasploit unleashed course its really good info, i would be suprised if I dont have to come back to this repeatedly https://www.offensive-security.com/metasploit-unleashed/ https://community.rapid7.com/community/metasploit/blog/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3 # Linux Exploitation https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/ Privilege Escalation - Linux https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ # TCPDump https://danielmiessler.com/study/tcpdump/ # Buffer Overflows https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481 https://www.exploit-db.com/docs/28475.pdf # Enumeration https://hackercool.com/2016/07/smb-enumeration-with-kali-linux-enum4linuxacccheck-smbmap/ https://null-byte.wonderhowto.com/how-to/hack-like-pro-reconnaissance-with-recon-ng-part-1-getting-started-0169854/ http://0daysecurity.com/penetration-testing/enumeration.html # Cheat Sheets for All the Things!!!!!!! https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf https://highon.coffee/blog/nmap-cheat-sheet/ http://www.cheat-sheets.org/saved-copy/Notepad++_Cheat_Sheet.pdf http://www.isical.ac.in/~pdslab/2016/lectures/bash_cheat_sheet.pdf http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet https://www.sans.org/security-resources/GoogleCheatSheet.pdf https://www.tunnelsup.com/python-cheat-sheet/ https://www.tunnelsup.com/metasploit-cheat-sheet/ # Reverse and Bind Shell tutorials http://resources.infosecinstitute.com/icmp-reverse-shell/#gref # Text Editor Cheat Sheets https://vim.rtorr.com/ - Vim ================================================ FILE: Useful Commands.md ================================================ Commands/tools I have been using frequently # NMAP Nmap UDP scan ```nmap -sU``` Output the nmap scan in 3 major formats ```nmap -oA filename``` nmap scan to do service and OS detection and scan all ports ```nmap -p- -SV -A ``` [https://www.stationx.net/nmap-cheat-sheet/] [https://highon.coffee/blog/nmap-cheat-sheet/] # Nikto ```nikto -h ``` # Directories of interest (linux) Digital ocean has become my favorite resource for learning about Linux, straight to the point and easy to understand. ```/etc/``` ```/etc/passwd``` ```/etc/fstab``` ```/etc/hosts``` ```/etc/init.d``` ```/usr/sbin``` [https://www.digitalocean.com/community/tutorials/how-to-use-passwd-and-adduser-to-manage-passwords-on-a-linux-vps] display the first few lines of a file ```head file.txt``` display the last few lines of a file ```tail file.txt```