awesome-oscp/README.md

# Awesome OSCP

[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

> A curated list of awesome OSCP resources


## Contents

- [Resources](#resources)
  - [OSCP Reviews and Guides](#oscp-reviews-and-guides)
  - [Cheatsheets and Scripts](#cheatsheets-and-scripts)
  - [Topics](#topics)
  	- [Buffer Overflow](#buffer-overflow)
  	- [Privilege Escalation](#privilege-escalation)
  	- [Active Directory](#Active-Directory)
  - [Other OSCP Resources](#other-oscp-resources)
  	- [Books](#books)
- [License](#license)

## Resources

### OSCP Reviews and Guides

- [Official OSCP Certification Exam Guide](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide)
- Luke’s Ultimate OSCP Guide ([Part 1](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440), [Part 2](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-2-workflow-and-documentation-tips-9dd335204a48), [Part 3](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97))
- [How to prepare for PWK/OSCP, a noob-friendly guide](https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob)
- [n3ko1's OSCP Guide](http://www.lucas-bader.com/certification/2015/05/27/oscp-offensive-security-certified-professional)
- [Jan's "Path to OSCP" Videos](https://www.youtube.com/playlist?list=PLyPJ3SHNkjIFITR-Lzsc0XSOBS7JUXsOy)
- [Offensive Security’s PWB and OSCP - My Experience](http://www.securitysift.com/offsec-pwb-oscp/) (+ some scripts)
- [OSCP Lab and Exam Review](https://theslickgeek.com/oscp/)
- [OSCP Preparation Notes](https://www.jpsecnetworks.com/category/oscp/)
- [A Detailed Guide on OSCP Preparation – From Newbie to OSCP](http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/)
- [My Fight for OSCP](https://alphacybersecurity.tech/my-fight-for-the-oscp/)
- [The Ultimate OSCP Preparation Guide](https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/)
- [The Journey to Try Harder: TJnull’s Preparation Guide for PEN-200 PWK/OSCP 2.0](https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html)

### Cheatsheets and Scripts

- [Luke's Practical hacking tips and tricks](https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97)
- [Penetration Testing Tools Cheat Sheet](https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/)
- [How to Pass OSCP](https://gist.github.com/unfo/5ddc85671dcf39f877aaf5dce105fac3)
- [Reverse Shell Cheat Sheet](https://highon.coffee/blog/reverse-shell-cheat-sheet/)
- [Reverse Shell Generator](https://www.revshells.com/)
- [7 Linux Shells Using Built-in Tools](https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/)
- [Windows Exploit Suggester](https://github.com/GDSSecurity/Windows-Exploit-Suggester)
- [Linux Exploit Suggester](https://github.com/InteliSecureLabs/Linux_Exploit_Suggester)
- [OSCPRepo](https://github.com/rewardone/OSCPRepo)
- [Go-for-OSCP](https://github.com/pythonmaster41/Go-For-OSCP)
- [Pentest Compilation](https://github.com/adon90/pentest_compilation)
- [Collection of OSCP scripts](https://github.com/ihack4falafel/OSCP)

### Topics

#### Buffer Overflow
- [Corelan's Exploit writing tutorial part 1 : Stack Based Overflows](https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/)
- [Justin's DoStackBufferOverflowGood](https://github.com/justinsteven/dostackbufferoverflowgood)
- [Writing Exploits for Win32 Systems from Scratch](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/)
- [32-Bit Windows Buffer Overflows Made Easy](https://veteransec.com/2018/09/10/32-bit-windows-buffer-overflows-made-easy/)
- [Introduction to Buffer Overflow Video](https://www.youtube.com/watch?v=1S0aBV-Waeo)
- [OverTheWire's Narnia Wargame](http://overthewire.org/wargames/narnia/)

#### Privilege Escalation
- [Windows Privilege Escalation Fundamentals](http://www.fuzzysecurity.com/tutorials/16.html)
- [Common Windows Privilege Escalation Vectors](https://toshellandback.com/2015/11/24/ms-priv-esc/)
- [Encyclopaedia Of Windows Privilege Escalation by Brett Moore](https://www.youtube.com/watch?v=kMG8IsCohHA)
- [Level Up! Practical Windows Privilege Escalation by Andrew Smith](https://www.youtube.com/watch?v=PC_iMqiuIRQ)
- [Basic Linux Privilege Escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/)
- [Linux privilege escalation by Jake Williams](https://www.youtube.com/watch?v=dk2wsyFiosg)

#### Active-Directory
- [Active Directory Methodology](https://book.hacktricks.xyz/windows/active-directory-methodology)
- [Active Directory Exploitation Cheat Sheet](https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet)
- [PayloadsAllTheThings AD](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md)
- [Attacking Active Directory: 0 to 0.9](https://zer1t0.gitlab.io/posts/attacking_ad/)
- [PowerView-3.0 tips and tricks](https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993#file-powerview-3-0-tricks-ps1)

##### Hands-On Resources.
- TryHackMe
  -  [Active Directory Basics](https://tryhackme.com/room/activedirectorybasics) - Easy
  -  [Post-Exploitation Basics](https://tryhackme.com/room/postexploit) - Easy
  -  [Vulnnet Roasted](https://tryhackme.com/room/vulnnetroasted) - Easy
  -  [Attacktive Directory](https://tryhackme.com/room/attacktivedirectory) - Medium
  -  [raz0r black](https://tryhackme.com/room/raz0rblack) - Medium
  -  [Enterprise](https://tryhackme.com/room/enterprise) - Medium
  -  [Vulnnet Active](https://tryhackme.com/room/vulnnetactive) - Medium
  -  [Zero Logon](https://tryhackme.com/room/zer0logon) - Hard
  -  [Holo](https://tryhackme.com/room/hololive) - Hard
  -  [Throwback](https://tryhackme.com/network/throwback) - Easy
- HackTheBox
  -  [Forest](https://app.hackthebox.com/machines/212) - Easy
  -  [Active](https://app.hackthebox.com/machines/148) - Easy
  -  [Fuse](https://app.hackthebox.com/machines/235) - Medium
  -  [Cascade](https://app.hackthebox.com/machines/235) - Medium
  -  [Monteverde](https://app.hackthebox.com/machines/223) - Medium
  -  [Resolute](https://app.hackthebox.com/machines/220) - Medium
  -  [Arkham](https://app.hackthebox.com/machines/179) - Medium
  -  [Mantis](https://app.hackthebox.com/machines/98) - Hard
  -  [APT](https://app.hackthebox.com/machines/296) - Insane
  -  [Dante](https://app.hackthebox.com/prolabs/overview/dante) - Beginner
  -  [Offshore](https://app.hackthebox.com/prolabs/overview/offshore) - Intermediate
  -  [RastaLabs](https://app.hackthebox.com/prolabs/overview/rastalabs) - Intermediate
  -  [Cybernetics](https://app.hackthebox.com/prolabs/overview/cybernetics) - Advanced
  -  [APT Labs](https://app.hackthebox.com/prolabs/overview/aptlabs) - Advanced
- HackTheBox Academy ( PAID )
  -  [Introduction to Active Directory](https://academy.hackthebox.com/module/details/74) - Fundamental
  -  [ActiveDirectory LDAP](https://academy.hackthebox.com/course/preview/active-directory-ldap) - Medium
  -  [ActiveDirectory Powerview](https://academy.hackthebox.com/module/details/68) - Medium
  -  [ActiveDirectory BloodHound](https://academy.hackthebox.com/module/details/69) - Medium
  -  [ActiveDirectory Enumeration & Attacks](https://academy.hackthebox.com/module/details/143) - Medium
- Proving Grounds
	- [PG-Practice](https://portal.offsec.com/labs/practice)	( PAID )
		* Hutch 
		* Heist
		* Vault

# Other OSCP Resources

- [pwn.guide](https://pwn.guide)
- [PWK Syllabus](https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf)
- [OSCP-Prep-Resources](https://github.com/burntmybagel/OSCP-Prep)
- [Offensive Security Bookmarks](https://jivoi.github.io/2015/07/03/offensive-security-bookmarks/)
- [The how to get the OSCP certification wiki](https://www.peerlyst.com/posts/the-how-to-get-the-oscp-certification-wiki-peerlyst)
- [OSCP Goldmine](http://0xc0ffee.io/blog/OSCP-Goldmine)
- [Penetration Testing Study Notes](https://github.com/AnasAboureada/Penetration-Testing-Study-Notes)
- [OSCP-like Vulnhub VMs](https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms)
- [Metasploit Unleashed](https://www.offensive-security.com/metasploit-unleashed/)
- [Awesome Penetration Testing](https://github.com/enaqx/awesome-pentest)
- [OSCP Exam Report Template in Markdown](https://github.com/noraj/OSCP-Exam-Report-Template-Markdown)

#### Books

- [Penetration Testing: A Hands-on Introduction to Hacking](https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641)
- [The Hacker Playbook 3: Practical Guide to Penetration Testing](https://www.amazon.com.au/Hacker-Playbook-Practical-Penetration-Testing/dp/1980901759)
- [RTFM: Red Team Field Manual](https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504)
- [RTFM: Red Team Field Manual v2](https://www.amazon.com/RTFM-Red-Team-Field-Manual/dp/1075091837)
- [The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (2nd Edition)](https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting-ebook/dp/B005LVQA9S)

## License

[![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](http://creativecommons.org/publicdomain/zero/1.0)

To the extent possible under law, Adel "0x4D31" Karimi has waived all copyright and
related or neighboring rights to this work.