OSCP- One Page Repository

Hello Everyone
This is the one page repository for OSCP learners.
1 Kali Linux Basic knowledge - 
Online Course Link: https://kali.training/lessons/introduction/​
Book Link: https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf​
Hands on challenge to get comfortable with Linux:
Overthewire Bandit: https://overthewire.org/wargames/bandit/​
Root me https://www.root-me.org/?lang=en​
Cmdchallenge.com: https://cmdchallenge.com/​
HackerRank Linux Shell: https://www.hackerrank.com/domains/shell​
2 Learn Basics Bash Scripting and Python Language
​https://guide.bash.academy/
​
​https://www.learnpython.org/​
3 Recon - Learn about network reconnaissance  
Nmap Resouces
Nmap Official Guide - https://nmap.org/book/toc.html​
 https://www.sans.org/blog/sans-pen-test-cheat-sheet-nmap-v1-1/​
​https://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692​
​https://blog.zsec.uk/nmap-rtfm/​
​
Service Enumeration
​https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/​
4 Vulnerable Machines  
Now move to vulnerable machines. There are two main websites for practice on vulnerable machines. Hackthebox machines and Vulnhub Machines. There are multiples infosec guys who has written blogs related to these machines for community. First thing you need to do, read blogs for 5 machine and try to understand the approach for start on these machines.
​https://www.hackthebox.eu/login​
​https://www.vulnhub.com/​
TjNull has shared a list which has OSCP related boxes.
Below is the google sheet for vulnhub and hackthebox boxes: https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8​
Vulnhub List
Hackthebox List
5 Public Exploits
Most of the time in OSCP you will need to use a public exploit on your target to see if you can obtain a shell on it. With that exploit you may need to modify shellcode or even parts of the exploit to match with your system to obtain a connection from your target.
Exploit-DB - https://www.exploit-db.com/​
SearchSploit - Offline kali Database - https://www.exploit-db.com/searchsploit​
Packetstorm - https://packetstormsecurity.com/files/tags/exploit/​
6. File Transfer
There are multiple ways to transfer the files from attacker system to target system.
Windows
​https://sushant747.gitbooks.io/total-oscp-guide/transfering_files_to_windows.html​
VBS Script
SMB Server
HTTP Server
FTP Server
TFTP Server
Powershell
Debug.exe
Certutil
Linux
Python Server
Curl
Wget
Netcat
FTP
PHP
SCP - SSH
7. Privilege Escalation
For Practice on Local Machine:
​https://github.com/sagishahar/lpeworkshop​
Windows Privilege Escalation
​http://www.fuzzysecurity.com/tutorials/16.html​
​https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/​
​https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/​
Linux Privilege Escalation
​https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/​
Gtfobins - https://gtfobins.github.io/ 
​
8. Web App Vulnerabilities
SQL Injection - http://pentestmonkey.net/category/cheat-sheet/sql-injection​
Remote File Inclusion - https://sushant747.gitbooks.io/total-oscp-guide/remote_file_inclusion.html​
Local File Inclusion - https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/​
Bypass File upload - https://www.exploit-db.com/docs/english/45074-file-upload-restrictions-bypass.pdf​
Vulnerable Application for Practice
OWASP Juice Shop:  https://www.owasp.org/index.php/OWASP_Juice_Shop_Project​
Metasploitable 2 
BWAPP
Multidae
DVWA - http://www.dvwa.co.uk/​
9. Buffer Overflow
Exploiting Simple Buffer Overflow on Win 32 https://www.pentesteracademy.com/course?id=13​
Buffer Overflow for Dummies - https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481​
For Practice:-
Windows Binaries (Recommend that you run these on Windows 7/XP 32 bit):
Brain Pan Machine - https://www.vulnhub.com/entry/brainpan-1,51/​
Vulnserver: https://samsclass.info/127/proj/vuln-server.htm​
Minishare 1.4.1: https://www.exploit-db.com/exploits/636​
Savant Web Server 3.1: https://www.exploit-db.com/exploits/10434​
Freefloat FTP Server 1.0: https://www.exploit-db.com/exploits/40673​
Core FTP Server 1.2: https://www.exploit-db.com/exploits/39480​
SLMAIL - https://www.exploit-db.com/apps/12f1ab027e5374587e7e998c00682c5d-SLMail55_4433.exe 
Linux Binaries:
Linux Buffer Overflow: https://samsclass.info/127/proj/lbuf1.htm​
10 Pivoting & Port Forwarding
Abatchy’s Port Forwarding Guide: https://www.abatchy.com/2017/01/port-forwarding-practical-hands-on-guide​
Windows Port Forwarding: http://woshub.com/port-forwarding-in-windows/​
SSH Tunneling Explained: https://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/​
Understanding Proxy Tunnels: https://www.offensive-security.com/metasploit-unleashed/proxytunnels/​
Explore Hidden Networks with Double Pivoting: https://pentest.blog/explore-hidden-networks-with-double-pivoting/​
0xdf hacks stuff. Pivoting and Tunneling: https://0xdf.gitlab.io/2019/01/28/pwk-notes-tunneling-update1.html​
Tools:
SSHuttle: https://github.com/sshuttle/sshuttle​
Proxychains: https://github.com/haad/proxychains​
​
​
Youtube Channels for OSCP related HTB Boxes writeups
IPPSEC TJ_NULL OSCP LIST -https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf​
​https://www.youtube.com/watch?v=PP32yAtuMy8&list=PLYu4I0o3DfjfizB6wcSmKDIvQxJ5NXM2y​
​https://www.youtube.com/watch?v=kWTnVBIpNsE&list=PLnPxWPfV-DjyS8PIqfYa8LT4LHH8QmunZ​
IPPSEC - https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/playlists​
​
HTB Boxes to Prepare for OSCP (Youtube Playlist): https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf

Tool Set
Web Recon
Dirsearch: https://github.com/maurosoria/dirsearch​
Dirbuster: https://tools.kali.org/web-applications/dirbuster​
Gobuster: https://github.com/OJ/gobuster​
Wfuzz: https://github.com/xmendez/wfuzz​
SQL
SQLmap: https://github.com/sqlmapproject/sqlmap/wiki/Usag​
NoSQLMap: https://github.com/codingo/NoSQLMap​
SQLNinja: http://sqlninja.sourceforge.net/​
Windows Privilege Escalation 
Winpeas 
Window exploit suggester - https://github.com/GDSSecurity/Windows-Exploit-Suggester​
Powerup 
Sharpup 
Seatbelt 
Sherlock - https://github.com/rasta-mouse/Sherlock​
Windows Priv checker
JAWS  - https://github.com/411Hall/JAWS/commits?author=411Hall​
Linux Privilege Escalation
Linux smart enumeration 
Pspy64 
Linenum - https://github.com/rebootuser/LinEnum​
Linpeas 
Lpe 
Linux Exploit Suggester 
Beroot 
Bashark 
Linux priv checker
Password Cracking
John  The Ripper -  https://www.openwall.com/john/​
Hashcat: https://hashcat.net/hashcat/​
Online Tools for Password Cracking:
THC Hydra: https://github.com/vanhauser-thc/thc-hydra​
Medusa: http://h.foofus.net/?page_id=51​
Wordlist generators:
Cewl: https://digi.ninja/projects/cewl.php​
Crunch: https://tools.kali.org/password-attacks/crunch​
Wordlists:
In Kali: /usr/share/wordlists
Seclists: apt-get install seclists You can find all of his password lists here: https://github.com/danielmiessler/SecLists/tree/master/Passwords​
Online Password Crackers:
​https://hashkiller.co.uk/Cracker​
​https://www.cmd5.org/​
​https://www.onlinehashcrack.com/​
​https://gpuhash.me/​
​https://crackstation.net/​
Other OSCP guides: 
I got some content from these below OSCP guides.
​https://sushant747.gitbooks.io/​
​https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#kernel-exploits​
​https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html​
​https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html​
​https://411hall.github.io/OSCP-Preparation​
​https://www.gitbook.com/book/sushant747/total-oscp-guide​
​http://0xc0ffee.io/blog/OSCP-Goldmine​
​https://h4ck.co/oscp-journey-exam-lab-prep-tips/​
​https://tulpa-security.com/2016/09/11/review-oscp-and-pwk/​
​http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/ 
Other Links:
​https://practicalpentestlabs.com/​
​https://immersivelabs.co.uk/​
​http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet​
​https://maikthulhu.github.io/2017-11-20-onenote-layout​
​
All About OSCP
About the Author
Last modified 2yr ago
Copy link
On this page
1 Kali Linux Basic knowledge -
2 Learn Basics Bash Scripting and Python Language
3 Recon - Learn about network reconnaissance
4 Vulnerable Machines
5 Public Exploits
6. File Transfer
7. Privilege Escalation
8. Web App Vulnerabilities
9. Buffer Overflow
10 Pivoting & Port Forwarding
Tool Set
Other OSCP guides: