PWK OSCP Preparation Roadmap

My roadmap for preparing for OSCP, anyone is free to use this and also feedback and contributions are welcome

101s(Enumeration)

1. DNS 101 (Basics of DNS and DNS enumaeration, DNS Zone Transfers)
Possible misconfigurations and attack vectors
DNS 101
DNS 201
DNS Hacking (Beginner to Advanced)

2. SMB 101 (SMB Enumeration,Null Session Enumeration, NetBIOS)
Possible misconfigurations and attack vectors
Just what is SMB?
SMB enumeration with Kali Linux – enum4linux, acccheck and smbmap
Windows Null Session Enumeration
NetBIOS Enumeration And Null Session
NetBIOS and SMB Penetration Testing on Windows
nbtscan Cheat Sheet

3. SMTP 101 (ENUMERATION)
Possible misconfigurations and attack vectors
SMTP User Enumeration

4. SNMP 101 (ENUMERATION, MIB Tree)
Possible misconfigurations and attack vectors
SNMP enumeration with snmpenum and snmpwalk

5. FTP 101 (Enumeration, File Transfers)
Possible misconfigurations and attack vectors

6. SSH(Enumeration, Port Forwarding)
Possible misconfigurations and attack vectors
SSH Tunneling Explained
Port Forwarding in Windows

Tools

1. NMAP 101 Port Scanning (TCP Connect Scan, UDP Scanning, Using NSE Scripts)
Hacking Articles:NMAP
NMAP - Port-Scanning: A Practical Approach Modified for better
2. Wireshark 101(Capture and display filters, filters)
3 TCPDump (Filtering Traffic, Advanced header filtering)
4. Reverse and Bind shell, Transferring Files, Types of shells(tty,pty)
Netcat Tutorials for Beginner
Reverse Shell Cheat Sheet
Reverse Shell Cheat Sheet
7 Linux Shells Using Built-in Tools
Spawning a TTY Shell
Upgrading simple shells to fully interactive TTYs
Transferring Files from Linux to Windows (post-exploitation)
Netcat without -e? No Problem!
5. Recon-NG
Intro to Recon-ng
Recon-ng: Usage Guide
6. Metasploit
Metasploit Unleashed
Creating Metasploit Payloads

Web App Pentesting

1. LFI(LFI to RCE)
LFI Cheat Sheet
Upgrade from LFI to RCE via PHP Sessions
5 ways to Exploit LFi Vulnerability
2. RFI(RFI to RCE)
3. SQL Injection (SQLi to RCE)
Full SQL Injection Tutorial (MySQL)
Client Side Attacks

Programming

1. Bash 101
Bash Handbook
BASH Programming - Introduction HOW-TO
2. Python 101
Python for Pentesters
learnpythonthehardway
3. Ruby 101
4. Powershell
5. Assembly 101
Security Tube:
Assembly Language Megaprimer for Linux
Windows Assembly Language Megaprimer

Write codes for the below tasks in all the above mentioned languages:

  1. Write a script to accept user input and ping all the hosts in the given range and display which hosts are alive and which are not
  2. Write a script to perform a basic nmap scan on the given host
  3. Write a script to crawl hyperlinks from a given file and display them in output

OS(Users,Privilages,Groups,UID,UAC)

A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz

1. Post-Exploitation
Priivilage Escalation(Windows and Linux)
Elevating privileges by exploiting weak folder permissions
Windows Privilege Escalation Fundamentals
Windows Privilege Escalation Commands
Basic Linux Privilege Escalation
MySQL Root to System Root with lib_mysqludf_sys for Windows and Linux
A GUIDE TO LINUX PRIVILEGE ESCALATION by Rashid Feroz
Attack and Defend: Linux Privilege Escalation Techniques of 2016
Abusing SUDO (Linux Privilege Escalation)

Buffer Overflows
Buffer Overflow Attack - Computerphile
Exploit writing tutorial part 1 : Stack Based Overflows
Useful resources for Learning and Hands on practice for buffer overflows

MISC Resources

All About OSCP
OSCP Preparation Notes
The Journey to Try Harder: TJnull’s Preparation Guide for PWK/OSCP
IppSec
Blogposts on Hackthebox solutions, PWK and OSCP
What is Enumeration?
PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained.
Penetration Testing Tools Cheat Sheet
Common services
CTF Resources - Pen-Test Links
Dostoevskylabs’s PenTest Notes