OSCP Guide – Full Free Course

Upload of the full OSCP Guide course. Here below you can also find a link to the playlist with the single videos. For those instead who want everything in a single place I’ve made this video instead. If you want to support my work, subscribe to my patreon page - https://www.patreon.com/hexdump Thanks. ------------------------- RESOURCES - Github repository: https://github.com/LeonardoE95/OSCP - OSCP Guide article: https://blog.leonardotamiano.xyz/tech/oscp-technical-guide/ - OSCP Guide playlist: https://youtu.be/9mrf-WyzkpE?si=1sgYae3pebqkaJkp - PEN 200 Course: https://www.offsec.com/courses/pen-200/ ------------------------- TIMESTAMP ######### OSCP 01 – My Exam Experience 00:00:00 Introduction 00:01:53 My experience studying for the certification 00:08:53 Exam timeline 00:18:13 General tips ######### OSCP 02 – Pre-Requisites 00:26:17 Introduction 00:27:32 Pre-requisites 00:35:37 Scenario n.1: Foothold with directory traversal 00:39:17 Scenario n.2: Privilege escalation through PATH injection 00:41:30 Scenario n.3: Kerberoasting on Active Directory 00:43:57 Reading HTB Bashed writeup 00:46:27 Port scanning with nmap 00:49:37 Enumerating directories with dirsearch 00:52:17 Privilege escalation with sudo -l 00:54:23 Cronjob analysis with pspy64 00:56:17 Conclusion ######### OSCP 03 – Web 00:59:35 Introduction 01:01:15 OSCP Web content 01:04:30 SQL Injection 01:05:30 Directory Traversal 01:08:50 Local File Inclusion (LFI) 01:11:14 Remote File Inclusion (RFI) 01:12:50 File upload vulnerabilities 01:15:45 OS command injection 01:18:50 Cross-Site Scripting (XSS) 01:20:50 Auto-exploitation tools are not allowed 01:24:00 Cheatsheet - General enumeration 01:28:25 Cheatsheet - Brute forcing 01:30:45 Cheatsheet - HTTP enumeration 01:36:00 Cheatsheet - SMB enumeration 01:38:15 Cheatsheet - SNMP enumeration 01:42:12 Conclusion ######### OSCP 04 – Linux 01:42:51 introduction 01:44:51 using the terminal 01:50:51 main techniques 02:03:14 enumeration scripts 02:06:04 conclusion ######### OSCP 05 – Windows 02:07:11 Introduction 02:09:21 In OSCP windows has more structure 02:12:26 Basic enumeration 02:21:02 Commands for basic enumeration 02:31:14 Technique 1 - Abusing SeImpersonatePrivilege 02:33:56 Technique 2 - Service Hijacking 02:37:11 Technique 3 - Unquoted Service Path 02:40:46 Example of file transfering 02:42:11 Conclusion ######### OSCP 06 – Password Attacks 02:44:30 Introduction 02:46:15 Password hashing 02:58:15 Password cracking 03:05:52 Brute forcing authentication mechanics 03:09:40 Using hydra to brute force logins 03:15:20 Conclusion ######### OSCP 07 – Using Existing Exploits 03:16:26 Introduction 03:17:31 Simple exploitation 03:21:21 Custom exploitation 03:32:26 Pratical Example – CVE-2021-41773 03:47:31 Conclusion ######### OSCP 08 – Port Forwarding and Pivoting 03:48:09 Introduction 03:48:59 Port Forwarding in OSCP Exam 03:54:04 Port Forwarding Techniques 03:55:29 Pratical Example – Local Port Forwarding 04:04:54 Cheatsheet commands 04:08:19 Conclusion ######### OSCP 09 – Client-Side Attacks 04:08:44 Introduction 04:09:32 Client-Side Attacks 04:17:04 Email phishing attack 04:20:04 Example 1 – Reverse Shell on Windows 04:22:20 Example 2 – Stored XSS on WebApp 04:29:54 Conclusion ######### OSCP 10 – Active Directory 04:31:09 Introduction 04:32:30 Reading AD section 04:42:49 Tools and attacks 04:56:54 Authentication protocols and attacks 04:58:10 Keep things simple 05:00:44 AD Cheatsheet for enumeration, exploitation and lateral movement 05:11:39 Practical Example – Kerberoasting in Active Directory 05:19:19 Kerberoasting summary ######### OSCP 11 – Report Writing 05:21:26 Introduction 05:22:36 Writing is a critical skill 05:26:11 Part 1 – Notes taken during the exam 05:30:56 Example of writeup with org-mode 05:36:37 Part 2 – Structure of the final report 05:44:16 Recognize the vulnerabilities 05:46:06 Part 3 – Tools to produce the final report 05:50:26 Folder structure for final exam 05:53:56 Using markdown to generate report 05:57:14 Analysis of generation script 05:59:46 Overview and conclusion ######### OSCP 12 – Expectations and Methodologies for Exam 06:02:27 Introduction 06:03:17 Miscellaneous modules 06:06:07 Challenge Labs 06:11:33 Exam expectations 06:21:47 Exam structure 06:23:42 Exam methodology 06:27:02 Bonus points 06:30:03 Proctoring setup 06:32:07 Conclusion ------------------------- CONTACTS - Technical blog: https://blog.leonardotamiano.xyz/ - Github: https://github.com/LeonardoE95?tab=repositories - Support my work: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ