skip to content
Jonathan Strong
Table of Contents

OSCP (Offensive Security Certified Professional)

The aim of this page is to document all the resources available for preparing before you sign up to the PWK (Penetration Testing with Kali Linux) course and start to practice in the labs before the exam.

Work in progress, draft!

TitleFormatCategoryLinkNotes
Penetration Testing, A Hands-On Introduction to HackingBookEverythinghttps://www.nostarch.com/pentesting
Advanced Penetration TestingVideoEverythinghttps://www.cybrary.it/course/advanced-penetration-testing/
Hackers Playbook 3BookEverythinghttps://amzn.to/2KXhlJ5
PentsetLabCourseEverythinghttps://pentesterlab.com/bootcamp
Hacking, The Art of Exploitation 2nd EditionBookEverythinghttps://nostarch.com/hacking2.htm
Network Security AssessmentBookEverythinghttps://amzn.to/2JdYMO9
Grey Hat HackingBookEverythinghttps://amzn.to/2JdmkCT
Kali Linux RevealedBookKalihttps://kali.training/downloads/Kali-Linux-Revealed-1st-edition.pdf
Kali Linux RevealedCourseKalihttps://kali.training/lessons/introduction/
Attacking Network ProtocolsBookNetworkhttps://nostarch.com/networkprotocols
Black Hat PythonBookPythonhttps://nostarch.com/blackhatpython
The Linux Command-LineBookLinuxhttps://nostarch.com/tlcl2
Linux Basics for HackersBookLinuxhttps://nostarch.com/linuxbasicsforhackers
Cmdchallenge.comCourseLinuxhttps://cmdchallenge.com/
The Linux Command-LinesiteLinuxhttp://linuxcommand.org/
Linux JourneysiteLinuxhttps://linuxjourney.com/
Bash Scripting: The bash GuidesiteBashhttps://guide.bash.academy/
OverthewireBandit and NatasHandsonLinuxhttps://overthewire.org/wargames/

| | Wireshark YouTube tutorial | Video | Wireshark | https://youtu.be/r0l_54thSYU | | | Netresec | Course | Wireshark | https://www.netresec.com/?page=pcapfiles | | | Malware Traffic Analysis | Course | Wireshark | https://www.malware-traffic-analysis.net/ | | | TCP Dump tutorial | Course | TCPdump | https://danielmiessler.com/study/tcpdump/ | | | Recon-ng tutorial | Course | Recon-ng | https://strikersecurity.com/blog/getting-started-recon-ng-tutorial/ | | | Reconnaissance with Recon-Ng, Part 1 (Getting Started) | Course | Recon-ng | https://null-byte.wonderhowto.com/how-to/hack-like-pro-reconnaissance-with-recon-ng-part-1-getting-started-0169854/ | | | Introduction to DNS | site | DNS | https://www.digitalocean.com/community/tutorials/an-introduction-to-dns-terminology-components-and-concepts | | | DNS Hacking | Course | DNS | https://resources.infosecinstitute.com/dns-hacking/#gref | | | Nmap Scanning the internet | Video | NMAP | https://youtu.be/Hk-21p2m8YY | | | The Official Nmap Project Guide to Network Discovery and Security Scanning | Book | NMAP | https://nmap.org/book/ | | | NMAP Tips: RTFM? | Blog | NMAP | https://blog.zsec.uk/nmap-rtfm/ | | | SMB enumeration with Kali Linux – enum4linux, acccheck and smbmap | Blog | SMB Enumeration | https://hackercool.com/2016/07/smb-enumeration-with-kali-linux-enum4linuxacccheck-smbmap/ | | | Exploit writing | Course | Buffer Overflow | https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/ | | | Exploit writing | Course | Buffer Overflow | https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/ | | | Windows Exploit Development | Course | Exploitation | https://www.securitysift.com/windows-exploit-development-part-1-basics/ | | | Buffer Overflow | Course | Buffer Overflow | https://youtu.be/1S0aBV-Waeo | | | The Presentation and Tutorial for Cross-Site Scripters Who Can’t Stack Buffer Overflow Good and Want to Do Other Stuff Good Too | Course | Buffer Overflow | https://github.com/justinsteven/dostackbufferoverflowgood | | | 7 Linux Shells Using Built-in Tools | Course | Exploitation | https://www.lanmaster53.com/2011/05/7-linux-shells-using-built-in-tools/ | | | Creating Metasploit Payloads | Course | Exploitation | https://netsec.ws/?p=331 | | | Exploiting “Vulnerable Server” for Windows 7 | Handson | Buffer Overflow | https://samsclass.info/127/proj/vuln-server.htm | | | Linux Buffer Overflow | Handson | Buffer Overflow | https://samsclass.info/127/proj/lbuf1.htm | | | Stack Buffer Overflow Practice | Handson | Buffer Overflow | https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/ | | | File transfer | Course | File Transfer | https://blog.ropnop.com/transferring-files-from-kali-to-windows/ | | | Transfer files from Kali to the target machine | Blog | File Transfer | https://awakened1712.github.io/oscp/oscp-transfer-files/ | | | Transferring Files from Linux to Windows (post-exploitation) | Blog | File Transfer | https://blog.ropnop.com/transferring-files-from-kali-to-windows/ | | Exploiting weak folder permissions | Course | Priv Esc | https://www.greyhathacker.net/?p=738 | | | Windows Privilege Escalation Fundamentals | Course | Priv Esc | https://www.fuzzysecurity.com/tutorials/16.html | | | Basic Linux Privilege Escalation | Course | Priv Esc | https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/ | | | Practical Windows Privilege Escalation | Video | Priv Esc | https://youtu.be/PC_iMqiuIRQ | | | MySQL Root to System Root with lib_mysqludf_sys for Windows and Linux | Course | Priv Esc | https://www.adampalmer.me/iodigitalsec/2013/08/13/mysql-root-to-system-root-with-udf-for-windows-and-linux/ | | | Windows Privilege Escalation | Course | Priv Esc | https://toshellandback.com/2015/11/24/ms-priv-esc/ | | | Linux (x86) Exploit Development Series | Course | Priv Esc | https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/ | | | Encyclopaedia Of Windows Privilege Escalation | Video | Priv Esc | https://youtu.be/kMG8IsCohHA | | | Practical Windows Privilege Escalation | Video | Priv Esc | https://youtu.be/PC_iMqiuIRQ | | | Linux privilege escalation for fun profit and all around mischief | Video | Priv Esc | https://youtu.be/dk2wsyFiosg | | | Windows Privilege Escalation Guide | Blog | Priv Esc | https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/ | | | Windows Privilege Escalation Methods for Pentesters | Blog | Priv Esc | https://pentest.blog/windows-privilege-escalation-methods-for-pentesters/ | | | practise your Linux privilege escalation foo | Handson | Priv Esc | https://in.security/lin-security-practise-your-linux-privilege-escalation-foo/ and https://www.vulnhub.com/entry/linsecurity-1,244/ | | | A guide to Linux Privilege Escalation | Blog | Priv Esc | https://payatu.com/guide-linux-privilege-escalation/ | | | The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2nd Edition | Book | Web App | https://amzn.to/2KSX5Io | | | Web Security Academy | Course | Web App | https://portswigger.net/web-security | | | Hacsplaining lessons | Course | Web App | https://www.hacksplaining.com/lessons | | | HackThisSite | Handson | Web App | https://www.hackthissite.org/ | | | Full SQL Injection Tutorial (MySQL) | Course | Web App | https://www.exploit-db.com/papers/13045 | | | Bugcrowd University | Course | Web App | https://www.bugcrowd.com/hackers/bugcrowd-university/ | | | Nikto Manual | site | Web App | https://cirt.net/nikto2-docs/ | | | OWASP Mutillidae II | Handson | Web App | https://github.com/webpwnized/mutillidae | | | Damn Vulnerable Web Application (DVWA) | Handson | Web App | https://github.com/ethicalhack3r/DVWA | | | OWASP Juice Shop Project | Handson | Web App | https://www.owasp.org/index.php/OWASP_Juice_Shop_Project | | | HackThisSite.Org | Handson | Web App | https://www.hackthissite.org/ | | | CeWL Custom Wordlist | Video | Password | https://youtu.be/7cz9OyhFFps | | | Introduction toPassword Cracking–part 1 | PDF | Password | https://alexandreborgesbrazil.files.wordpress.com/2013/08/introduction_to_password_cracking_part_1.pdf | | | Port forwarding: A practical hands-on guide | Handson | Port redirecting | https://www.abatchy.com/2017/01/port-forwarding-practical-hands-on-guide | | | Port Forwarding in Windows | Blog | Port redirecting | https://woshub.com/port-forwarding-in-windows/ | | | SSH Tunneling Explained | Blog | Port redirecting | https://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/ | | | Explore Hidden Networks With Double Pivoting | Blog | Port redirecting | https://pentest.blog/explore-hidden-networks-with-double-pivoting/ | | | PWK Notes: Tunneling and Pivoting [Updated] | Blog | Port redirecting | https://0xdf.gitlab.io/2019/01/28/pwk-notes-tunneling-update1.html | | | ICMP Reverse Shell | Course | Reverse Shell | https://resources.infosecinstitute.com/icmp-reverse-shell/#gref | | Metasploit Unleashed – Free Ethical Hacking Course | Course | Metasploit | https://www.offensive-security.com/metasploit-unleashed/ | | | Metasploit | Book | Metasploit | https://nostarch.com/metasploit | | | Metasploitable 2 Exploitability Guide | Course | Metasploit | https://metasploit.help.rapid7.com/docs/metasploitable-2-exploitability-guide | | | Bandit OverTheWire | Walkthrough | Newbie | https://www.abatchy.com/tag/OverTheWire%20-%20Bandit/ | | | Natas OverTheWire | Walkthrough | Web App | https://infamoussyn.wordpress.com/2014/02/05/overthewire-natas-level-0-16-writeup-updated/ | | | List of VulnHub VMs | Hands on | Everything | https://medium.com/@andr3w_hilton/oscp-training-vms-hosted-on-vulnhub-com-22fa061bf6a1 and https://www.abatchy.com/2017/02/oscp-like-vulnhub-vms and https://www.vulnhub.com/entry/wintermute-1,239/ and with HTB https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=1839402159 and https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html | | | HTB Boxes to Prepare for OSCP (YouTube Playlist) | Video | Everythin | https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf | | | PentesterLab | Handson | Everything | https://pentesterlab.com/ | | Root-Me.org CTF | Hands on | Everything | https://www.root-me.org/ | | Metasploitable3 | Hands on | Everything | https://blog.rapid7.com/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3/

Cheat sheets and other useful links (needs tiding up and moving to another page):

https://www.explainshell.com/

https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf

https://www.andreafortuna.org/2018/07/18/tcpdump-a-simple-cheatsheet/

https://www.sans.org/security-resources/GoogleCheatSheet.pdf

https://www.exploit-db.com/google-hacking-database

https://github.com/laramies/theharvester

https://github.com/darkoperator/dnsrecon

https://blogs.sans.org/pen-testing/files/2013/10/NmapCheatSheetv1.1.pdf

https://github.com/SecureAuthCorp/impacket

https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/bitsadmin-examples

https://pwnwiki.io/#!privesc/windows/index.md

https://github.com/411Hall/JAWS

https://github.com/GDSSecurity/Windows-Exploit-Suggester

https://github.com/bitsadmin/wesng

https://github.com/rasta-mouse/Sherlock

https://gtfobins.github.io/

https://github.com/rebootuser/LinEnum

https://github.com/jondonas/linux-exploit-suggester-2

https://pentestmonkey.net/category/cheat-sheet

https://github.com/sqlmapproject/sqlmap/wiki/Usage

https://github.com/codingo/NoSQLMap

https://github.com/maurosoria/dirsearch

https://tools.kali.org/web-applications/dirbuster

https://github.com/OJ/gobuster

https://github.com/xmendez/wfuzz

http://pentestmonkey.net/category/cheat-sheet

Credit goes to the below links where I gathered most of the sources:

Prep guide for Offsec’s PWK https://github.com/burntmybagel/OSCP-Prep

https://www.abatchy.com/

https://localhost.exposed/path-to-oscp/

https://github.com/burntmybagel/OSCP-Prep

A Detailed Guide on OSCP Preparation – From Newbie to OSCP

https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html

https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html

https://411hall.github.io/OSCP-Preparation/

https://sushant747.gitbooks.io/total-oscp-guide/content/

https://0xc0ffee.io/blog/OSCP-Goldmine

OSCP Journey: Exam & Lab Prep Tips

https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440