oscp_playlist

  1. Nmap, Netcat for port scanning and testing vulnerabilities

  2. Dirbuster, Gobuster, Nikto and Burp Suite for web application scanning

  3. Tcpdump, Wireshark for sniffing traffic

  4. Python HTTP servers to serve RFI PHP shells

  5. Mimikatz, pwdump, fgdump and procmon for password dumping and pass-the-hash/golden ticket attacks

  6. CUDA Hashcat for password cracking (Nvidia graphics card)

  7. Iptables, proxychains and sshuttle for routing hops

  8. Medusa, Hydra for HTTP login form brute-forcing

  9. Grep, sed, awk, sort, uniq, find, findstr, cut for finding passwords and sensitive files during privilege escalation and post-exploitation recon

  10. Snmpenum, enum4linux, nullinux, smbmap for SMB and SNMP enumeration

  11. PowerShell scripts and bitsadmin (built-in Windows tool) to download files (highly recommended if you are not using a meterpreter shell)

  12. Sendemail, Python servers for social engineering (yes, you will have to perform SE on automated bot systems for client-side attacks)

  13. Accesschk.exe from Sysinternals and Ntrights.exe, Churrasco.exe to find access misconfigurations

  14. Psexec for lateral movement and remote shells

  15. Cadaver and davtest to test read/write access on Windows ASP-based web servers

https://scriptdotsh.com/index.php/2018/04/17/31-days-of-oscp-experience/
