Hello world! This repo contains some of the scripts, exploits, and documents made during my OSCP journey. The list includes, but is not limited to, the following:
Yes, there are far better scripts out there. However, this one has less output to go through, and it has colors. Think basic nmap scan to look for low-hanging fruit, followed by a more complete scan.
Basic port knocking script with cool colors
Cron job checker script that may reveal root cron jobs by checking for newly spawned processes! Kudos to IppSec.
Comprehensive Windows privesc script that checks KBs as well as common misconfigurations
No SQLMap. No problem. This cheatsheet will walk you through how to automate things like blind SQL injection with wfuzz.
I'm always open to suggestions. Please let me know if there is anything I can add or improve!
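OSCP study: study methods and stage goals. Master the course content and complete the related exercises. Practice attacking the target machines in the lab environment (at least eighty; most people who pass have done more than 100). Practice writing the penetration test report (in English). There is an official template (if the relevant technical staff can reproduce your work from your report, it counts as passing), so the report must not miss important steps and information. Note that the exam is not limited to the course material (there are more than twenty thousand public vulnerabilities, not limited to those the course material covers). Try harder: practice repeatedly to make sure you are proficient. Try to independently complete the lab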
1. Intro of OSCP and Kali 2. Getting comfortable with Kali Linux 2.1 Booting up Kali Linux default pw for root:toor passwd whoami 2.2 The Kali menu 2.3 Kali documentation Kali Docs | Kali Linux Docum
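13- SMB Enumeration (Linux Enumeration) Concept: SMB (in full, [Server Message Block](https://baike.baidu.com/item/Server Message Block/1349786?fromModule=lemma_inlink)) is the name of a network protocol that can be used for Web connections and for communication between clients and servers. SMB was originally IBM's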
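ls: show files or directories; -l: list file details; -a: show hidden files; pwd: show the current directory; ls -la: ; cd: change directory; cd /user/Desktop: change to the desktop under the user's files; cd ..: return to the parent directory; mkdir: create a directory; mkdir /home/dir: create the directory /home/dir; nano: open the specified file for editing; touch: create a new document; cp -r: copy a directory and its subdirectories; cp: copy a file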
Contents: OSCP Exam Preparation, Heading for the Summit
Contents: Scanning, FTP, SMB, WEB, Privilege escalation. Scanning: sudo nmap 192.168.249.64 -p- -sV -sS PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 3.0.3 22/tcp open ssh OpenSSH 7.9p1 Debian 10+deb10u2 (pro
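Information gathering: Google hacking syntax, whois, theharvester for collecting email addresses, netcraft. Scanning: nmap, nessus vulnerability scanning, metasploit (which is really just msfconsole). Enumeration: ssh, http, smb, dns, ftp, smtp, snmp. Using nc: forward (bind) connections and reverse connections. Buffer overflow attacks to obtain root. Using metasploit to obtain root. Common attack techniques: file upload, file inclusion, SQL injection, XSS three-part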
Scanning: sudo nmap 192.168.89.122 -p- -sV -sS PORT STATE SERVICE VERSION 53/tcp open domain Simple DNS Plus 80/tcp open http Microsoft IIS httpd 10.0 88/tcp open