OSCP Resources

UPDATE: Please follow the repo on GitHub if you’d like to keep track of new additions to the list!

---

Books

• Network Security Assessment, 2nd Ed.
• Hacking: The Art of Exploitation, 2nd Ed.

Other Resources by Topic

Information Gathering

Passive

• Google Filetype Conversions - a nifty guide to filetype specifications that work in Google dorks

Active

• Hackertarget Nmap Cheat Sheet - handy guide to Nmap commands
• smb NSE Library - pretty much all the details you’d ever need to know about interacting with SMB via Nmap Scripting Engine

Vulns

• IP Traffic Accounting with iptables - all about traffic accounting with iptables

Buffer Overflows

• dostackbufferoverflowgood - guide and workshop on stack buffer overflows complete with vulnerable executable
• Vortex’s Guide to PWK/OSCP Stack Buffer Overflow Practice - I think this is where I found out about dostackbufferoverflowgood!

Exploit Development

• Mona.py Manual - guide to the mona.py pycommand for Immunity Debugger
• Corelan Exploit Development Tutorials - starting at the oldest and working toward the newer material, these tutorials begin with stack buffer overflow-based exploits and get progressively more complex
• 0x7 Exploit Tutorial: Bad Character Analysis - A brief tutorial on bad character analysis for shellcode development

---

Please follow the repo on GitHub if you’d like to keep track of new additions to the list! I’ll try to keep this updated as well (it’s not currently dynamic).

Also, if you have suggestions for supporting reading material/writeups/tutorials, please do send them my way!