Taking the OSCP? Fear no more...
As some of you might have already guessed, today’s blog post relates to some resources that might very well complement any Offensive Security student on their path to trying harder and achieving the Offensive Security Certified Professional status!
This blog entry will be a slight touch on the tip of the ‘hacking research’ iceberg by introducing you, the reader, to several people, websites and GitHub repositories which might prove useful in conquering the all-feared OSCP exam. Of course, these resources could be handy in real engagements or Capture The Flag challenges.
The first person we would like to introduce you to is IppSec!
IppSec is an active member of the infosec community who consistently rolls out walkthrough videos on his YouTube channel!
Without any exaggeration, this member of the community is a trove of knowledge. Through the videos on his channel, he explains his methodology, the WHYs and HOWs of his actions in every CTF (Capture The Flag) challenge he undertakes. Not only does he give an explanation, but at times he goes over the same vulnerability more than once to show multiple ways of exploiting it.
If that wasn’t enough to get you to subscribe to his channel, IppSec also hosts his own website where you can enter different terms you wish to know more about. The website will then show you the videos in which IppSec himself has dealt with the term you entered.
Without further ado, you will find IppSec’s website linked below!
If you are in the process of studying for your OSCP certification, I cannot stress this point enough: watch & preach IppSec’s videos like the Bible. They’re full of knowledge and easy to follow!
People like him are extraordinarily indispensable to newcomers in the InfoSec community and we, at ProCheckUp, hope to see more and more people like him emerge in the community!
His way of thinking and extensive knowledge of multiple facets within information security have gained him our top spot in our ‘people’ section of this blog entry!
The next person on our list is John Hammond! Another quite active member of the InfoSec community, he’s always creating videos on all sorts of topics, be it web application exploitation or binary exploitation; he has a bit of everything going on his channel!
Mr. Hammond has also created a myriad of hacking resources! Down below you will find his own GitHub profile. Within it, Mr. Hammond has linked all sorts of useful repositories containing proofs of concept (PoCs) for exploits targeting all sorts of vulnerabilities.
If the OSCP is on your mind, please do give this guy some of your time. His résumé is in no way short of amazing certifications from the Offensive Security board…
The Cyber Mentor
The Cyber Mentor is another YouTuber who delves into the mysteries & practices of hacking. Although his content is not too “OSCP oriented”, he does shed some light on loads of attacks, including web applications, infrastructure and OSINT! On his YouTube channel, he sometimes posts self-made hacking course videos which vary in length from 1.5 hours to 12 full hours!
He has a very noob-friendly way of explaining concepts which makes him quite popular among the newcomers in the hacking community!
If you’re in the market for some extra knowledge, or something that might just spark your interest, we are sure that you can find it on his channel!
The perfect tools for the perfect job...
In this section, I will be presenting a few internet resources that I find myself visiting each time I am in the process of rooting a CTF challenge… Along with these resources, I will be listing a few tools that can improve your time efficiency in the OSCP exam!
This repository is full of all sorts of payloads that can be used when delivering exploits! As well as the obvious payload strings, the repository is filled with extra notes on how the payloads are to be used!
This website automates the ‘weaponization’ process of your payloads! Instead of writing a horrible-looking command by hand, this website gives its users multiple auto-generated reverse shell payload strings, all whilst including the MSFvenom module to be used in conjunction with the ‘multi/handler’ module within the Metasploit Framework!
It is a very easy-to-use website and quite effective for InfoSec warriors valuing their time!
Let’s say you broke into a *nix-based device… now what? When you find yourself in need of escalating your privileges, look no further. This GitHub repository hands you all the solutions you need. It is full of ways in which one can escalate his/her privileges depending on which binary files are found on the victim system. Easy to use and follow. Highly recommended.
This website is a treasure for infosec warriors. You can find a myriad of technologies listed here with readily available commands that can help you enumerate and exploit said technologies. From various IoT protocols to your standard MySQL Server commands, this is the place to start looking when you encounter a new technology you need to gain access to.
This tool, as its name implies, deals with the reconnaissance part of an engagement. It is an automated tool which employs all sorts of scans, from Nmap to Nikto and the list may very well continue. Right from the get-go, the tool’s creator mentions on the GitHub repository that “it is intended as a time-saving tool for use in CTFs and other penetration testing environments (e.g. OSCP).” In an OSCP environment, time is of the essence! The AutoRecon tool genuinely gives you more time to hack, rather than spending it on endless scans.
LinPEAS is a personal favourite of ours. You’ve got a shell and need to escalate your privileges? Look no further: LinPEAS is quite thorough in examining which paths you can take to achieve privilege escalation. It is very easy to use and understand! No prerequisites are required to run the tool itself as it is quite lightweight. However, its output is not. This is a MUST HAVE tool in the OSCP or CTFs.
As a side note, LinPEAS’ brother, WinPEAS, is a tool built for the same purpose; however, it is used in Windows-based environments.
Here we reveal our last entry in this section. Pwncat is a post-exploitation platform for both Linux and Windows targets (however, Windows support for Pwncat is limited).
Whenever you catch a shell, you go through the daunting process of stabilising it. Pwncat is here to the rescue! On the surface, Pwncat is able to automatically stabilise your shell. But it doesn’t only do that: this tool can become a very custom weapon to aid you in your engagements. Did we mention it is Python-based? That’s right, you can customise the tool to hell and back the way you see fit!
hacker voice I'm in...
Thank you for reading this post! I hope these resources & tools will serve you well. I will make sure to come back with more technical posts in the future! Until then… keep on hacking, but most importantly… keep safe!