Skip to content

thomasdefise/OSCP_Resources

Repository files navigation

Introduction

This is a repository made of multiple cheats in order to perform penetration testing/red team exercice.

I created this repository in order to share all the stuff I'm gathering on the Internet.

I'm not, and I have never worked in an offensive position. However, as mainly working as a Blue Teamer, it is essential for me to have the "Think as an attacker" mindset.

Resources

Standards

Within my documents, I tries to link most of the techniques towards well-known standards. By using well-known standards, it enable to be able to speak the same language between people. Those two standards also explains the techniques more in depth, so if you want to go deeper, don't hesitate to follow the links and go more into details. They also explains how to detect and/or mitigate the techniques we try to use to compromise a system, which is uselfull when writting the report.

Books

I read books in order to get additional informations from what was available on the Internet. Even if some of those books are a bit old, they are still valuable today. Here are some reasons:

  • You will always fall down on old systems within engagements.
  • Sometimes the writter created some tools or give some scripts which are very know
  • ..

However, test the tools as well as the options, as their will be things that may have changed.

Book Writter Published Description
Penetration Testing: A Hands-On Introduction to Hacking Georgia Weidman 2014 Beginner-friendly book that explains the basics of pentesting.

Nice to start with.
Red Team Field Manual (RTFM) Ben Clark 2014 Around 100 pages of cheat cheets.

I would suggest to read it once you have already decent notes and a good understanding of basic Linux, Windows and Web pentest
The Hacker Playbook 3: Practical Guide To Penetration Testing Peter Kim 2018 It may looks like there is only around 250 pages but this book is a good very resource, as it has been published in 2018, there are new tools that were not there in well-known referenced books of early 2010s.

Note that I started with the number 3 of this series thinking that it was always adding new stuff on top of previous version which is not the case.

How I would recommend to read those books

  1. Penetration Testing: A Hands-On Introduction to Hacking (2014)
  2. Hacking Exposed Linux, 3rd Edition (2008)
  3. Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, 3rd Edition (2007)
  4. Network Security Assessment: Know Your Network 3rd Edition (2016)
  5. The Art of Network Penetration Testing (2020)
  6. Hacking: The Art of Exploitation, 2nd Edition (2008)
  7. The Hacker Playbook: Practical Guide To Penetration Testing (2014)
  8. The Hacker Playbook 2: Practical Guide To Penetration Testing (2015)
  9. The Hacker Playbook 3: Practical Guide To Penetration Testing (2018)
  10. Operator Handbook: Red Team + OSINT + Blue Team Reference (2020)
  11. Red Team Field Manual (RTFM) (2014)

Blogs & Repos

Here below are blogs and repos that I heavily used during my researchs

As well as Linux man, Microsoft's Documentation, ... websites like

Practise


DISCLAIMER

The content of the repository, as well as all the research link to it is done during my free-time in order learn new skills and share with the community.
The content of the repository does not relate to any work within either my current or previous employeers.

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published