Upload of the full OSCP Guide course.
Here below you can also find a link to the playlist with the single videos. For those instead who want everything in a single place I’ve made this video instead.
-------------------------
RESOURCES
- Github repository: https://github.com/LeonardoE95/OSCP
- OSCP Guide article: https://blog.leonardotamiano.xyz/tech/oscp-technical-guide/
- OSCP Guide playlist: https://youtu.be/9mrf-WyzkpE?si=1sgYae3pebqkaJkp
- PEN 200 Course: https://www.offsec.com/courses/pen-200/
-------------------------
TIMESTAMP
######### OSCP 01 – My Exam Experience
00:00:00 Introduction
00:01:53 My experience studying for the certification
00:08:53 Exam timeline
00:18:13 General tips
######### OSCP 02 – Pre-Requisites
00:26:17 Introduction
00:27:32 Pre-requisites
00:35:37 Scenario n.1: Foothold with directory traversal
00:39:17 Scenario n.2: Privilege escalation through PATH injection
00:41:30 Scenario n.3: Kerberoasting on Active Directory
00:43:57 Reading HTB Bashed writeup
00:46:27 Port scanning with nmap
00:49:37 Enumerating directories with dirsearch
00:52:17 Privilege escalation with sudo -l
00:54:23 Cronjob analysis with pspy64
00:56:17 Conclusion
######### OSCP 03 – Web
00:59:35 Introduction
01:01:15 OSCP Web content
01:04:30 SQL Injection
01:05:30 Directory Traversal
01:08:50 Local File Inclusion (LFI)
01:11:14 Remote File Inclusion (RFI)
01:12:50 File upload vulnerabilities
01:15:45 OS command injection
01:18:50 Cross-Site Scripting (XSS)
01:20:50 Auto-exploitation tools are not allowed
01:24:00 Cheatsheet - General enumeration
01:28:25 Cheatsheet - Brute forcing
01:30:45 Cheatsheet - HTTP enumeration
01:36:00 Cheatsheet - SMB enumeration
01:38:15 Cheatsheet - SNMP enumeration
01:42:12 Conclusion
######### OSCP 04 – Linux
01:42:51 introduction
01:44:51 using the terminal
01:50:51 main techniques
02:03:14 enumeration scripts
02:06:04 conclusion
######### OSCP 05 – Windows
02:07:11 Introduction
02:09:21 In OSCP windows has more structure
02:12:26 Basic enumeration
02:21:02 Commands for basic enumeration
02:31:14 Technique 1 - Abusing SeImpersonatePrivilege
02:33:56 Technique 2 - Service Hijacking
02:37:11 Technique 3 - Unquoted Service Path
02:40:46 Example of file transfering
02:42:11 Conclusion
######### OSCP 06 – Password Attacks
02:44:30 Introduction
02:46:15 Password hashing
02:58:15 Password cracking
03:05:52 Brute forcing authentication mechanics
03:09:40 Using hydra to brute force logins
03:15:20 Conclusion
######### OSCP 07 – Using Existing Exploits
03:16:26 Introduction
03:17:31 Simple exploitation
03:21:21 Custom exploitation
03:32:26 Pratical Example – CVE-2021-41773
03:47:31 Conclusion
######### OSCP 08 – Port Forwarding and Pivoting
03:48:09 Introduction
03:48:59 Port Forwarding in OSCP Exam
03:54:04 Port Forwarding Techniques
03:55:29 Pratical Example – Local Port Forwarding
04:04:54 Cheatsheet commands
04:08:19 Conclusion
######### OSCP 09 – Client-Side Attacks
04:08:44 Introduction
04:09:32 Client-Side Attacks
04:17:04 Email phishing attack
04:20:04 Example 1 – Reverse Shell on Windows
04:22:20 Example 2 – Stored XSS on WebApp
04:29:54 Conclusion
######### OSCP 10 – Active Directory
04:31:09 Introduction
04:32:30 Reading AD section
04:42:49 Tools and attacks
04:56:54 Authentication protocols and attacks
04:58:10 Keep things simple
05:00:44 AD Cheatsheet for enumeration, exploitation and lateral movement
05:11:39 Practical Example – Kerberoasting in Active Directory
05:19:19 Kerberoasting summary
######### OSCP 11 – Report Writing
05:21:26 Introduction
05:22:36 Writing is a critical skill
05:26:11 Part 1 – Notes taken during the exam
05:30:56 Example of writeup with org-mode
05:36:37 Part 2 – Structure of the final report
05:44:16 Recognize the vulnerabilities
05:46:06 Part 3 – Tools to produce the final report
05:50:26 Folder structure for final exam
05:53:56 Using markdown to generate report
05:57:14 Analysis of generation script
05:59:46 Overview and conclusion
######### OSCP 12 – Expectations and Methodologies for Exam
06:02:27 Introduction
06:03:17 Miscellaneous modules
06:06:07 Challenge Labs
06:11:33 Exam expectations
06:21:47 Exam structure
06:23:42 Exam methodology
06:27:02 Bonus points
06:30:03 Proctoring setup
06:32:07 Conclusion
-------------------------
CONTACTS
- Technical blog: https://blog.leonardotamiano.xyz/
- Github: https://github.com/LeonardoE95?tab=repositories
- Support my work: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ