OSCP
  • All About OSCP
  • OSCP- One Page Repository
  • About the Author
  • Basic Linux & Windows Commands
    • Linux Commands
    • Windows
      • cmd
      • Powershell
      • Basics of windows
    • Linux / WindowsMain commands
    • Bash Scripting
  • Recon (Scanning & Enumeration)
    • Active Info Gathering
      • My Network Recon Checklist
      • My Web Recon Checklist
      • Network Enumeration
      • Port Scanning
    • Common Ports and Services
      • Other Services Enumeration
    • DNS Zone Transfer Attack
    • SNMP Enumeration
    • SMB Enumeration
    • Web Application Directory bruteforcing / fingerprinting
    • Port & Services Scanning
  • Web Application
    • My checklist
      • LFI
      • RFI
      • SQLI
    • File Upload bypass
    • Enumeration and Exploitation
    • No-Sql Injection
    • SQL Injection
    • Hidden Files and directories
    • RFI
    • LFI
  • Brute Force
    • Reuse the hash
    • Password Crack
  • Shells
    • Linux Reverse Shell [One liner]
    • Reverse Shell to fully interactive
    • Reverse Shell Cheat Sheet
    • WebShell
  • Transferring files
    • My Checklist
    • Transfer files on linux
  • Priv Escalation
    • Linux Priv Escalation
      • g0tmi1k linux privilege escalation
      • Privilege Escalation - Linux
      • Checklist - Linux Privilege Escalation
    • Windows Priv Escalation
      • Fuzzysecurity window priv escalation
      • Privilege Escalation - Windows
      • Checklist - Local Windows Privilege Escalation
  • Post Exploitation
    • Cover your tracks
    • Persistence
    • Loot Linux
    • Loot Windows
    • Escaping Restricted Shell
    • Meterpreter shell for post-exploitation
    • Spawn Shell
  • Pivoting
    • My Checklist for Pivoting
    • Tunneling and Port Forwarding
    • Pivotind understanding
  • Buffer Overflow
    • Buffer overflow
    • Buffer overflow Step by Step
      • Study about buffer overflow
      • Brainpan
      • VulnServer
      • Minishare
  • Main Tools
  • MISC
    • Exploit Compiling
  • CheatSheet (Short)
  • OSCP/ Vulnhub Practice learning
    • Machines Practice
    • My Practice on HTB Windows boxes
    • My Practice on Vulnhub boxes
    • Over the Wire (Natas)
    • Over The wire (Bandit)
Powered by GitBook
On this page
  • 1 Kali Linux Basic knowledge -
  • 2 Learn Basics Bash Scripting and Python Language
  • 3 Recon - Learn about network reconnaissance
  • 4 Vulnerable Machines
  • 5 Public Exploits
  • 6. File Transfer
  • 7. Privilege Escalation
  • 8. Web App Vulnerabilities
  • 9. Buffer Overflow
  • 10 Pivoting & Port Forwarding
  • Tool Set
  • Other OSCP guides:

Was this helpful?

OSCP- One Page Repository

PreviousAll About OSCPNextAbout the Author

Last updated 4 years ago

Was this helpful?

Hello Everyone

This is the one page repository for OSCP learners.

1 Kali Linux Basic knowledge -

  • Online Course Link:

  • Book Link:

Hands on challenge to get comfortable with Linux:

  • Overthewire Bandit:

  • Root me

  • Cmdchallenge.com:

  • HackerRank Linux Shell:

2 Learn Basics Bash Scripting and Python Language

3 Recon - Learn about network reconnaissance

  • Nmap Resouces

    • Nmap Official Guide -

  • Service Enumeration

4 Vulnerable Machines

Now move to vulnerable machines. There are two main websites for practice on vulnerable machines. Hackthebox machines and Vulnhub Machines. There are multiples infosec guys who has written blogs related to these machines for community. First thing you need to do, read blogs for 5 machine and try to understand the approach for start on these machines.

TjNull has shared a list which has OSCP related boxes.

5 Public Exploits

Most of the time in OSCP you will need to use a public exploit on your target to see if you can obtain a shell on it. With that exploit you may need to modify shellcode or even parts of the exploit to match with your system to obtain a connection from your target.

6. File Transfer

There are multiple ways to transfer the files from attacker system to target system.

  • Windows

    • VBS Script

    • SMB Server

    • HTTP Server

    • FTP Server

    • TFTP Server

    • Powershell

    • Debug.exe

    • Certutil

  • Linux

    • Python Server

    • Curl

    • Wget

    • Netcat

    • FTP

    • PHP

    • SCP - SSH

7. Privilege Escalation

  • For Practice on Local Machine:

  • Windows Privilege Escalation

  • Linux Privilege Escalation

8. Web App Vulnerabilities

  • Vulnerable Application for Practice

    • Metasploitable 2

    • BWAPP

    • Multidae

9. Buffer Overflow

  • For Practice:-

    • Windows Binaries (Recommend that you run these on Windows 7/XP 32 bit):

  • Linux Binaries:

10 Pivoting & Port Forwarding

  • Tools:

Youtube Channels for OSCP related HTB Boxes writeups

Tool Set

  • Web Recon

  • SQL

  • Windows Privilege Escalation

    • Winpeas

    • Powerup

    • Sharpup

    • Seatbelt

    • Windows Priv checker

  • Linux Privilege Escalation

    • Linux smart enumeration

    • Pspy64

    • Linpeas

    • Lpe

    • Linux Exploit Suggester

    • Beroot

    • Bashark

    • Linux priv checker

  • Password Cracking

    • Online Tools for Password Cracking:

  • Wordlist generators:

  • Wordlists:

    • In Kali: /usr/share/wordlists

  • Online Password Crackers:

Other OSCP guides:

I got some content from these below OSCP guides.

  • Other Links:

Below is the google sheet for vulnhub and hackthebox boxes:

Exploit-DB -

SearchSploit - Offline kali Database -

Packetstorm -

Gtfobins -

SQL Injection -

Remote File Inclusion -

Local File Inclusion -

Bypass File upload -

OWASP Juice Shop:

DVWA -

Exploiting Simple Buffer Overflow on Win 32

Buffer Overflow for Dummies -

Brain Pan Machine -

Vulnserver:

Minishare 1.4.1:

Savant Web Server 3.1:

Freefloat FTP Server 1.0:

Core FTP Server 1.2:

SLMAIL -

Linux Buffer Overflow:

Abatchy’s Port Forwarding Guide:

Windows Port Forwarding:

SSH Tunneling Explained:

Understanding Proxy Tunnels:

Explore Hidden Networks with Double Pivoting:

0xdf hacks stuff. Pivoting and Tunneling:

SSHuttle:

Proxychains:

IPPSEC TJ_NULL OSCP LIST -

IPPSEC -

HTB Boxes to Prepare for OSCP (Youtube Playlist):

Dirsearch:

Dirbuster:

Gobuster:

Wfuzz:

SQLmap:

NoSQLMap:

SQLNinja:

Window exploit suggester -

Sherlock -

JAWS -

Linenum -

John The Ripper -

Hashcat:

THC Hydra:

Medusa:

Cewl:

Crunch:

Seclists: apt-get install seclists You can find all of his password lists here:

https://kali.training/lessons/introduction/
https://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
https://overthewire.org/wargames/bandit/
https://www.root-me.org/?lang=en
https://cmdchallenge.com/
https://www.hackerrank.com/domains/shell
https://guide.bash.academy/
https://www.learnpython.org/
https://nmap.org/book/toc.html
https://www.sans.org/blog/sans-pen-test-cheat-sheet-nmap-v1-1/
https://medium.com/@infosecsanyam/nmap-cheat-sheet-nmap-scanning-types-scanning-commands-nse-scripts-868a7bd7f692
https://blog.zsec.uk/nmap-rtfm/
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
https://www.hackthebox.eu/login
https://www.vulnhub.com/
https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8
https://www.exploit-db.com/
https://www.exploit-db.com/searchsploit
https://packetstormsecurity.com/files/tags/exploit/
https://sushant747.gitbooks.io/total-oscp-guide/transfering_files_to_windows.html
https://github.com/sagishahar/lpeworkshop
http://www.fuzzysecurity.com/tutorials/16.html
https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/
https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://gtfobins.github.io/
http://pentestmonkey.net/category/cheat-sheet/sql-injection
https://sushant747.gitbooks.io/total-oscp-guide/remote_file_inclusion.html
https://www.offensive-security.com/metasploit-unleashed/file-inclusion-vulnerabilities/
https://www.exploit-db.com/docs/english/45074-file-upload-restrictions-bypass.pdf
https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
http://www.dvwa.co.uk/
https://www.pentesteracademy.com/course?id=13
https://www.sans.org/reading-room/whitepapers/threats/buffer-overflows-dummies-481
https://www.vulnhub.com/entry/brainpan-1,51/
https://samsclass.info/127/proj/vuln-server.htm
https://www.exploit-db.com/exploits/636
https://www.exploit-db.com/exploits/10434
https://www.exploit-db.com/exploits/40673
https://www.exploit-db.com/exploits/39480
https://www.exploit-db.com/apps/12f1ab027e5374587e7e998c00682c5d-SLMail55_4433.exe
https://samsclass.info/127/proj/lbuf1.htm
https://www.abatchy.com/2017/01/port-forwarding-practical-hands-on-guide
http://woshub.com/port-forwarding-in-windows/
https://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/
https://www.offensive-security.com/metasploit-unleashed/proxytunnels/
https://pentest.blog/explore-hidden-networks-with-double-pivoting/
https://0xdf.gitlab.io/2019/01/28/pwk-notes-tunneling-update1.html
https://github.com/sshuttle/sshuttle
https://github.com/haad/proxychains
https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf
https://www.youtube.com/watch?v=PP32yAtuMy8&list=PLYu4I0o3DfjfizB6wcSmKDIvQxJ5NXM2y
https://www.youtube.com/watch?v=kWTnVBIpNsE&list=PLnPxWPfV-DjyS8PIqfYa8LT4LHH8QmunZ
https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA/playlists
https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf
https://github.com/maurosoria/dirsearch
https://tools.kali.org/web-applications/dirbuster
https://github.com/OJ/gobuster
https://github.com/xmendez/wfuzz
https://github.com/sqlmapproject/sqlmap/wiki/Usag
https://github.com/codingo/NoSQLMap
http://sqlninja.sourceforge.net/
https://github.com/GDSSecurity/Windows-Exploit-Suggester
https://github.com/rasta-mouse/Sherlock
https://github.com/411Hall/JAWS/commits?author=411Hall
https://github.com/rebootuser/LinEnum
https://www.openwall.com/john/
https://hashcat.net/hashcat/
https://github.com/vanhauser-thc/thc-hydra
http://h.foofus.net/?page_id=51
https://digi.ninja/projects/cewl.php
https://tools.kali.org/password-attacks/crunch
https://github.com/danielmiessler/SecLists/tree/master/Passwords
https://hashkiller.co.uk/Cracker
https://www.cmd5.org/
https://www.onlinehashcrack.com/
https://gpuhash.me/
https://crackstation.net/
https://sushant747.gitbooks.io/
https://book.hacktricks.xyz/windows/windows-local-privilege-escalation#kernel-exploits
https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html
https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
https://411hall.github.io/OSCP-Preparation
https://www.gitbook.com/book/sushant747/total-oscp-guide
http://0xc0ffee.io/blog/OSCP-Goldmine
https://h4ck.co/oscp-journey-exam-lab-prep-tips/
https://tulpa-security.com/2016/09/11/review-oscp-and-pwk/
http://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/
https://practicalpentestlabs.com/
https://immersivelabs.co.uk/
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
https://maikthulhu.github.io/2017-11-20-onenote-layout
Vulnhub List
Hackthebox List