OSCP Resources
UPDATE: Please follow the repo on GitHub if you’d like to keep track of new additions to the list!
Books
Other Resources by Topic
Information Gathering
Passive
- Google Filetype Conversions - a nifty guide to filetype specifications that work in Google dorks
Active
- Hackertarget Nmap Cheat Sheet - handy guide to Nmap commands
- smb NSE Library - pretty much all the details you’d ever need to know about interacting with SMB via Nmap Scripting Engine
Vulns
- IP Traffic Accounting with iptables - all about traffic accounting with iptables
Buffer Overflows
- dostackbufferoverflowgood - guide and workshop on stack buffer overflows complete with vulnerable executable
- Vortex’s Guide to PWK/OSCP Stack Buffer Overflow Practice - I think this is where I found out about dostackbufferoverflowgood!
Exploit Development
- Mona.py Manual - guide to the mona.py pycommand for Immunity Debugger
- Corelan Exploit Development Tutorials - starting at the oldest and working toward the newer material, these tutorials begin with stack buffer overflow-based exploits and get progressively more complex
- 0x7 Exploit Tutorial: Bad Character Analysis - A brief tutorial on bad character analysis for shellcode development
Please follow the repo on GitHub if you’d like to keep track of new additions to the list! I’ll try to keep this updated as well (it’s not currently dynamic).
Also, if you have suggestions for supporting reading material/writeups/tutorials, please do send them my way!