oscp_playlist
Nmap, Netcat for port scanning and testing vulnerabilities
DirBuster, Gobuster, Nikto and Burp Suite for web application scanning
Tcpdump, Wireshark for sniffing traffic
Python HTTP servers to serve RFI PHP shells
Mimikatz, pwdump, fgdump and procmon for password dumping and pass-the-hash/golden ticket attacks
CUDA Hashcat for password cracking (NVIDIA graphics card)
Iptables, proxychains and sshuttle for routing hops
Medusa, Hydra for HTTP login form brute-forcing
Grep, sed, awk, sort, uniq, find, findstr, cut for finding passwords and sensitive files during privilege escalation and post exploitation recon
Snmpenum, enum4linux, nullinux, smbmap for SMB and SNMP enumeration
PowerShell scripts and bitsadmin (built-in Windows tool) to download files (highly recommended if you are not using a Meterpreter shell)
sendEmail, Python servers for social engineering (yes, you will have to perform SE on automated bot systems for client-side attacks)
Accesschk.exe from Sysinternals and Ntrights.exe, Churrasco.exe to find access misconfigurations
PsExec for lateral movement and remote shells
Cadaver and davtest for Windows ASP-based web servers to test read/write access
https://scriptdotsh.com/index.php/2018/04/17/31-days-of-oscp-experience/