Are you ready for OSCP?

There are many blogs about taking OSCP so do this blog. Before register the course, I ask myself a lot about my experience and dedication. However nothing is impossible if you have the discipline and dedication. I passed the exam on second attempt.

I register the course for 90 days lab access because of my working hours. Seriously 90 days? Are you kidding me? 90 days lab access?? Are you mad?! That is so much!! However not for me. The total time I spent in the lab could be only 1 month.

The following study materials are just for reference only.

Materials on enumeration and information gathering:
  1. 0daysecurity - Enumeration
  2. zenk-security - Nmap Commands Kungfu
Materials on overall penetration testing and some tools:
  1. Penetration Testing: A Hands-On Introduction to Hacking
  2. Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition
  3. Hacking: The Art of Exploitation, 2nd Edition
  4. The Hacker Playbook 2: Practical Guide To Penetration Testing
  5. Basic Security Testing with Kali Linux 2
  6. Professional Penetration Testing, Second Edition: Creating and Learning in a Hacking Lab
  7. Advanced Penetration Testing for Highly-Secured Environments
  8. vulnerabilityassessment - Penetration Test
  9. Metasploit: The Penetration Tester's Guide
  10. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  11. Nmap 6 Cookbook: The Fat Free Guide to Network Security Scanning
  12. Unofficial Guide to Mimikatz & Command Reference
Materials on reverse engineering and buffer overflow:
  1. SecurityTube - Windows Assembly Language Megaprimer
  2. SecurityTube - Exploit Research Megaprimer
  3. FuzzySecurity - Windows Exploit Development Tutorial Series
  4. Exploit Development Community
  5. Corelan - Exploit Writing Series
  6. pusheax - Exploit writing – Stack based Buffer overflow
  7. Github - Awesome Windows Exploitation
  8. Offset-DB - Looking for fixed memory offset
Materials on web application attack:
  1. HighOn.Coffee - Local File Inclusion Cheat Sheet
  2. Solus - LFI + RCE + ROOT server
  3. netsparker - SQL Injection Cheat Sheet
  4. - SQL Injection Cheat Sheet
  5. Resources Infosec Institute - SQL Injection Cheat Sheet
  6. michaeldaw - SQL Injection Cheat Sheet
  7. ExploitDB - SQL Injection Cheat Sheet
  8. pentestmonkey - SQL Injection Cheat Sheet
  9. BruteLogic - XSS Cheat Sheet
  10. - XSS Cheat Sheet
  11. OWASP - XSS Cheat Sheet
Materials on post exploitation information gathering and privilege escalation:
  1. Linux Post Exploitation Command List
  2. Windows Post Exploitation Command List
  3. toshellandback - Windows Privilege Escalation
  4. FuzzySecurity - Windows Privilege Escalation
  5. foxglovesecurity - Hot Potato - Windows Privilege Escalation
  6. Resources Infosec Institute - Windows Privilege Escalation
  7. - Windows Privilege Escalation
  8. travisaltman - Windows Privilege Escalation
  9. g0tmi1k - Basic Linux Privilege Escalation
  10. netsec - Linux Privilege Escalation Scripts
  11. Resources Infosec Institute - Linux Privilege Escalation Example
Materials on reverse shell:
  1. pentestmonkey
  2. HighOn.Coffee
  3. asafety
  4. Xathrya
  5. cybrary
  6. blog.safebuff
  7. lanmaster53
  8. trustedsec
  9. From non-tty to tty
Materials that I used during lab and exam:
  1. msfvenom gennerator
  2. wget in VBS or Powershell
  3. runas in powershell
  4. post exploit enumeration
  5. windows buffer overflow
  6. Google