All about OSCP
All the files listed below, and mentioned in any checklists are within this repo
Custom checklists
- Linux privilege escalation
- Windows privilege escalation
- Windows post exploitation
- Windows 32 bit stack buffer overflow
Windows 32 bit stack buffer overflow
Example scripts that are highly and easily customizable
- Skeleton script
- Fuzzer
- Overflow EIP
- Sending unique pattern
- Sending bad characters
- Full script
Windows post exploitation
- Credential gathering
- Compiled Mimikatz32.exe
- Compiled Mimikatz64.exe
- Privilege escalation
- Sherlock.ps1
- Powerup.ps1
- Priv checker (.exe/.py)
- Compiled nc/nc64
- Compiled Windows kernel exploits < not my files, but link to repo with all compiled windows kernel exploits
- Cheatsheets
- http://www.handgrep.se/repository/cheatsheets/postexploitation/WindowsPost-Exploitation.pdf
- https://www.fuzzysecurity.com/tutorials/16.html
- http://www.exumbraops.com/penetration-testing-102-windows-privilege-escalation-cheatsheet
- https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md
- https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
Linux post exploitation
- Information gathering
- Linenum.sh
- linuxprivchecker.py
- unix-priv-checker.sh
- Credential gathering
- credential harvester
Stupid one liners that saved me some time
- Automate LinEnum.sh: download > chmod > run > output to file
wget https://raw.githubusercontent.com/Arken2/Everything-OSCP/master/Linux%20Post%20exploitation/LinEnum.sh ; chmod +x LinEnum.sh ; ./LinEnum.sh > LinEnum-Output.txt