OSCP Guide – Full Free Course

preview_player
Показать описание
Upload of the full OSCP Guide course.

Here below you can also find a link to the playlist with the single videos. For those instead who want everything in a single place I’ve made this video instead.

-------------------------

RESOURCES


-------------------------

TIMESTAMP

######### OSCP 01 – My Exam Experience
00:00:00 Introduction
00:01:53 My experience studying for the certification
00:08:53 Exam timeline
00:18:13 General tips
######### OSCP 02 – Pre-Requisites
00:26:17 Introduction
00:27:32 Pre-requisites
00:35:37 Scenario n.1: Foothold with directory traversal
00:39:17 Scenario n.2: Privilege escalation through PATH injection
00:41:30 Scenario n.3: Kerberoasting on Active Directory
00:43:57 Reading HTB Bashed writeup
00:46:27 Port scanning with nmap
00:49:37 Enumerating directories with dirsearch
00:52:17 Privilege escalation with sudo -l
00:54:23 Cronjob analysis with pspy64
00:56:17 Conclusion
######### OSCP 03 – Web
00:59:35 Introduction
01:01:15 OSCP Web content
01:04:30 SQL Injection
01:05:30 Directory Traversal
01:08:50 Local File Inclusion (LFI)
01:11:14 Remote File Inclusion (RFI)
01:12:50 File upload vulnerabilities
01:15:45 OS command injection
01:18:50 Cross-Site Scripting (XSS)
01:20:50 Auto-exploitation tools are not allowed
01:24:00 Cheatsheet - General enumeration
01:28:25 Cheatsheet - Brute forcing
01:30:45 Cheatsheet - HTTP enumeration
01:36:00 Cheatsheet - SMB enumeration
01:38:15 Cheatsheet - SNMP enumeration
01:42:12 Conclusion
######### OSCP 04 – Linux
01:42:51 introduction
01:44:51 using the terminal
01:50:51 main techniques
02:03:14 enumeration scripts
02:06:04 conclusion
######### OSCP 05 – Windows
02:07:11 Introduction
02:09:21 In OSCP windows has more structure
02:12:26 Basic enumeration
02:21:02 Commands for basic enumeration
02:31:14 Technique 1 - Abusing SeImpersonatePrivilege
02:33:56 Technique 2 - Service Hijacking
02:37:11 Technique 3 - Unquoted Service Path
02:40:46 Example of file transfering
02:42:11 Conclusion
######### OSCP 06 – Password Attacks
02:44:30 Introduction
02:46:15 Password hashing
02:58:15 Password cracking
03:05:52 Brute forcing authentication mechanics
03:09:40 Using hydra to brute force logins
03:15:20 Conclusion
######### OSCP 07 – Using Existing Exploits
03:16:26 Introduction
03:17:31 Simple exploitation
03:21:21 Custom exploitation
03:32:26 Pratical Example – CVE-2021-41773
03:47:31 Conclusion
######### OSCP 08 – Port Forwarding and Pivoting
03:48:09 Introduction
03:48:59 Port Forwarding in OSCP Exam
03:54:04 Port Forwarding Techniques
03:55:29 Pratical Example – Local Port Forwarding
04:04:54 Cheatsheet commands
04:08:19 Conclusion
######### OSCP 09 – Client-Side Attacks
04:08:44 Introduction
04:09:32 Client-Side Attacks
04:17:04 Email phishing attack
04:20:04 Example 1 – Reverse Shell on Windows
04:22:20 Example 2 – Stored XSS on WebApp
04:29:54 Conclusion
######### OSCP 10 – Active Directory
04:31:09 Introduction
04:32:30 Reading AD section
04:42:49 Tools and attacks
04:56:54 Authentication protocols and attacks
04:58:10 Keep things simple
05:00:44 AD Cheatsheet for enumeration, exploitation and lateral movement
05:11:39 Practical Example – Kerberoasting in Active Directory
05:19:19 Kerberoasting summary
######### OSCP 11 – Report Writing
05:21:26 Introduction
05:22:36 Writing is a critical skill
05:26:11 Part 1 – Notes taken during the exam
05:30:56 Example of writeup with org-mode
05:36:37 Part 2 – Structure of the final report
05:44:16 Recognize the vulnerabilities
05:46:06 Part 3 – Tools to produce the final report
05:50:26 Folder structure for final exam
05:53:56 Using markdown to generate report
05:57:14 Analysis of generation script
05:59:46 Overview and conclusion
######### OSCP 12 – Expectations and Methodologies for Exam
06:02:27 Introduction
06:03:17 Miscellaneous modules
06:06:07 Challenge Labs
06:11:33 Exam expectations
06:21:47 Exam structure
06:23:42 Exam methodology
06:27:02 Bonus points
06:30:03 Proctoring setup
06:32:07 Conclusion

-------------------------

CONTACTS

  1. hexdump
Рекомендации по теме
OSCP Guide – 6:34:56

OSCP Guide – Full Free Course

Resources to pass 0:02:08

Resources to pass your OSCP

How I passed 0:28:05

How I passed the OSCP in 6 Hours!

OffSec Live | 3:09:04

OffSec Live | Walkthrough of a PEN-200 AD Set

OSCP: From FAIL 0:25:47

OSCP: From FAIL to FULL points - My Top 20 Tips

OSCP Guide 01/12 0:26:17

OSCP Guide 01/12 – My Exam Experience

OSCP Attempt 24-hours 0:01:01

OSCP Attempt 24-hours in 1 minute

How I Passed 0:18:18

How I Passed the OSCP in 8 Hours (On My First Attempt!)

Get My Free 0:02:06

Get My Free OSCP/Pentesting Notes

My PenTesting Methodology 0:54:08

My PenTesting Methodology For OSCP | How I Hack Things

OSCP is not 0:01:00

OSCP is not an Expert Level Certification

Ultimate OSCP Guide 0:27:57

Ultimate OSCP Guide 2024 - How To Pass The OSCP 2024

How I Prepared 0:04:28

How I Prepared For OSCP | Full Roadmap

I couldn't pass 0:00:39

I couldn't pass OSCP until I learned this

Stop looking for 0:00:40

Stop looking for new notetaking apps. This is all you need.

OSCP Exam Timelapse 0:00:26

OSCP Exam Timelapse

Is the OSCP 0:00:47

Is the OSCP really a beginner cert

CompTIA PenTest+ Full 11:32:28

CompTIA PenTest+ Full Course - FREE [11 Hours] PT0-002

The Ultimate OSCP 0:11:21

The Ultimate OSCP Exam Strategy

Why some people 0:00:58

Why some people get the OSCP faster than others

The Ultimate OSCP 1:49:36

The Ultimate OSCP Preparation Guide 2021

How to prepare 0:00:23

How to prepare for OSCP exam || Cyber Security Training || ProSeek Training Center

Should you schedule 0:00:43

Should you schedule your OSCP exam yet

How to Pass 0:12:11

How to Pass the OSCP in 2024 | Tips and Tricks to Pass

Комментарии
Автор

God bless you! Finally someone who is not just talking random generic shit about the OSCP but actually helping with the study process

jdemiii
Автор

This is a really solid course. Thanks for making it. Your English and delivery are superb. I will be checking out your other content

markmeredith
Автор

Best OSCP guide and review yet! I'm currently going through the Pen-200 now, this is absolutely solid insight and encouraging -- thank you Leonardo!! I'm enjoying your Windows priv esc video as well...Keep up the great work!

can-do_curran
Автор

This is pure GOLD my dude! This content is amazing and the exact thing I was after. Thanks for taking the time to put together all of this

theWerewolf
Автор

Thank you for the big work and the big share. You deserve the best, Leo.

erpanterone
Автор

I passed the PNPT in July 2023 and passed the GPEN in March 2024. Now, I am planning to purchase the OSCP course and the exam but I needed an idea of the topics and structure of the exam, and your video touched on all of these. Thank you very much.

peesharonn
Автор

Thank you for making this great walkthrough, answered many questions that I had and what to look for and expect from OSCP exam. Keep up great work.

edgarzainullin
Автор

Fantastic complete video, thank you master!!! 🎉❤

dustinhxc
Автор

This is extremely helpful thank you so much. i've been studying for 2 years and sometimes I still feel like I'm not ready. I keep finding new stuff I never knew before .. seems endless. I really struggle with understanding when I am ready for the OSCP. I feel like I need a coach to tell me where I am and what I still need to study to pass this. It's too expensive for this test to play around with IMHO.

cri
Автор

God bless Italia : grazie e in bocca al lupo for the rest ...
;)

SALTINBANK
Автор

Great work, thank you very much for creating this guide

Ticared
Автор

Thank you for sharing this amazing content and it will help me lot for oscp preparation.

CyberSquad
Автор

big up brother👍, thanksfor the video .am about to take OSCP and you give a great guide

anonymoussaid
Автор

Great stuff thanks man ! godlike work.

Tathamet
Автор

Very good video. I haven’t seen all the video at that time and perhaps you deal with my question, but If not I prefer to ask you some questions.

For the report writing, You have to describe the way you followed to find the flags. Now imagine that you found 2 vulnerabilities on FTP and web. You can exploit both but FTP is a rabbit hole and only web allow you to continue. Do you explain FTP and web in the report or only web ? Because it is a pentest report I think you have to explain ALL vuln you found. But I am not sure for the exam.

Other point. You mentioned that exam + report need full energy. So what strategy do you advise. Try to earn the maximum of point if you can and so describe all the flag quest in the report ?. Or stop after you have 70 points and describe less flags quest in the report and have more time to write it ?

Thanks

Rickynoxe
Автор

Ciao Leonardo, potresti fare lo stesso video ma in Italiano? Grazie in anticipo sei il TOP!❤

TheFraDark
Автор

On your exam did you use Linpeas and Winpeas and if so what edits to the scripts do you have to make in order to make them test legal?

-willplaysgames
Автор

Hello,

Thank you for the guide, I am looking into breaking into the field of cybersecurity. However I have heard that nowadays you cannot get a good start without a college degree, is that correct? I do not want to have to go to college, do you think it would be possible to start a career in this field without it?

edenreyes
Автор

Did you lose your cert over this homie? Big thanks much bigger than I can text here.

ProtectorA
Автор

In the near future, I will achieve the OCSP certification - as a career pipeline of my desired orientation for my career. Sir, I appreciate your creation of this content.

Cultivation-FitnessMoral-gjco