PWK/PEN-200 OSCP Preparation Roadmap
Roadmap for preparing for PWK/PEN-200 OSCP, anyone is free to use this and also feedback and contributions are welcome. P.S. I have not done OSCP yet.
101s(Enumeration)
1. DNS 101 (Basics of DNS and DNS enumaeration, DNS Zone Transfers)
Possible misconfigurations and attack vectors
DNS 101
DNS 201
DNS Hacking (Beginner to Advanced)
2. SMB 101 (SMB Enumeration,Null Session Enumeration, NetBIOS)
Possible misconfigurations and attack vectors
Just what is SMB?
SMB enumeration with Kali Linux – enum4linux, acccheck and smbmap
Windows Null Session Enumeration
NetBIOS Enumeration And Null Session
NetBIOS and SMB Penetration Testing on Windows
nbtscan Cheat Sheet
3. SMTP 101 (ENUMERATION)
Possible misconfigurations and attack vectors
SMTP User Enumeration
4. SNMP 101 (ENUMERATION, MIB Tree)
Possible misconfigurations and attack vectors
SNMP enumeration with snmpenum and snmpwalk
5. FTP 101 (Enumeration, File Transfers)
Possible misconfigurations and attack vectors
6. SSH(Enumeration, Port Forwarding)
Possible misconfigurations and attack vectors
SSH Tunneling Explained
Port Forwarding in Windows
Tools
1. NMAP 101 Port Scanning (TCP Connect Scan, UDP Scanning, Using NSE Scripts)
Hacking Articles:NMAP
NMAP - Port-Scanning: A Practical Approach Modified for better
2. Wireshark 101(Capture and display filters, filters)
3 TCPDump (Filtering Traffic, Advanced header filtering)
4. Reverse and Bind shell, Transferring Files, Types of shells(tty,pty)
Netcat Tutorials for Beginner
Reverse Shell Cheat Sheet
Reverse Shell Cheat Sheet
7 Linux Shells Using Built-in Tools
Spawning a TTY Shell
Upgrading simple shells to fully interactive TTYs
Transferring Files from Linux to Windows (post-exploitation)
Netcat without -e? No Problem!
5. Recon-NG
Intro to Recon-ng
Recon-ng: Usage Guide
6. Metasploit
Metasploit Unleashed
Creating Metasploit Payloads
Web App Pentesting
1. LFI(LFI to RCE)
LFI Cheat Sheet
Upgrade from LFI to RCE via PHP Sessions
5 ways to Exploit LFi Vulnerability
2. RFI(RFI to RCE)
3. SQL Injection (SQLi to RCE)
Full SQL Injection Tutorial (MySQL)
Client Side Attacks
Programming
1. Bash 101
Bash Handbook
BASH Programming - Introduction HOW-TO
2. Python 101
Python for Pentesters
learnpythonthehardway
3. Ruby 101
4. Powershell
5. Assembly 101
Security Tube:
Assembly Language Megaprimer for Linux
Windows Assembly Language Megaprimer
Write codes for the below tasks in all the above mentioned languages:
- Write a script to accept user input and ping all the hosts in the given range and display which hosts are alive and which are not
- Write a script to perform a basic nmap scan on the given host
- Write a script to crawl hyperlinks from a given file and display them in output
OS(Users,Privilages,Groups,UID,UAC)
A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz
1. Post-Exploitation
Priivilage Escalation(Windows and Linux)
Elevating privileges by exploiting weak folder permissions
Windows Privilege Escalation Fundamentals
Windows Privilege Escalation Commands
Basic Linux Privilege Escalation
MySQL Root to System Root with lib_mysqludf_sys for Windows and Linux
A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz
Attack and Defend: Linux Privilege Escalation
Techniques of 2016
Abusing SUDO (Linux Privilege Escalation)
Buffer Overflows
Buffer Overflow Attack - Computerphile
Exploit writing tutorial part 1 : Stack Based Overflows
Useful resources for Learning and Hands on practice for buffer overflows
MISC Resources
The Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0
The Journey to Try Harder: TJnull’s Preparation Guide for PWK/OSCP
How to prepare for PWK/OSCP, a noob-friendly guide
The Ultimate OSCP Preparation Guide, 2020
All About OSCP
OSCP Preparation Notes
IppSec
ippsec.rocks
Blogposts on Hackthebox solutions, PWK and OSCP
What is Enumeration?
PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained.
Penetration Testing Tools Cheat Sheet
Common services
CTF Resources - Pen-Test Links
Dostoevskylabs’s PenTest Notes