OSCP

Links:

https://www.offensive-security.com/

https://github.com/OlivierLaflamme/Cheatsheet-God

https://scriptdotsh.com/


Study Materials: 
Advanced Penetration Testing - https://www.cybrary.it/course/advance... 
Python for Security Professionals - https://cybrary.it/course/python-secu...  
Zero to Hero Pentesting - https://www.youtube.com/playlist?list... 
Beginner Linux for Ethical Hackers - https://www.youtube.com/playlist?list... 
Buffer Overflows Made Easy - https://www.youtube.com/playlist?list... 

Communities: 
The CyberSec Lounge Discord – https://discord.gg/nVsfhFk  
The Many Hats Club Discord – https://discord.gg/infosec  
The Cyber Mentor Discord – https://discord.gg/REfpPJB 
VetSec Slack (Military) – https://veteransec.com/slack  
The Penetration Testing Community Discord – https://discord.gg/GXsEJqj 
Laptop Hacking Coffee Discord – https://discord.gg/WfYmeKv 
Hacker101 Discord – https://discord.gg/Da6JskV  
NetSecStudents Discord – https://discord.gg/usn6qc6  
Alternatives: eLearnSecurity PTP - https://www.elearnsecurity.com/course...

There's a ton of resources online for OSCP. Check out abatchy's prep guide: https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob.html?m=1. 

Some VMs to practise on:

(#1) Kioptrix: 2014 https://www.vulnhub.com/entry/kioptrix-2014-5,62/

(#2) FristiLeaks: 1.3 https://www.vulnhub.com/entry/fristileaks-13,133/ 

(#3) Stapler: 1 https://www.vulnhub.com/entry/stapler-1,150/

(#4) VulnOS: 2 https://www.vulnhub.com/entry/vulnos-2,147/

(#5) SickOs: 1.2 https://www.vulnhub.com/entry/sickos-12,144/

(#6) Brainpan: 1 https://www.vulnhub.com/entry/brainpan-1,51/

(#7) HackLAB: Vulnix https://www.vulnhub.com/entry/hacklab-vulnix,48/

(#8) /dev/random: scream https://www.vulnhub.com/entry/devrandom-scream,47/

(#9) pWnOS: 2.0 https://www.vulnhub.com/entry/pwnos-20-pre-release,34/

(#10) SkyTower: 1 https://www.vulnhub.com/entry/skytower-1,96/

 

https://norseblog.org/2018/07/05/oscp-journey/

 

What is CTF? (this channel is gold, use it) - https://www.youtube.com/watch?v=8ev9ZX9J45A

More on /u/liveoverflow, http://www.liveoverflow.com is hands down one of the best places to learn, along with r/liveoverflow

CTF compact guide - https://ctf101.org/

Upcoming CTF events online/irl, live team scores - https://ctftime.org/

What is CTF? - https://ctftime.org/ctf-wtf/

Full list of all CTF challenge websites - http://captf.com/practice-ctf/

> be careful of the tool oriented offensivesec oscp ctf's, they teach you hardly anything compared to these ones and almost always require the use of metasploit or some other program which does all the work for you.

• http://pwnable.tw/ (a newer set of high quality pwnable challenges)
• http://pwnable.kr/ (one of the more popular recent wargamming sets of challenges)
• https://picoctf.com/ (Designed for high school students while the event is usually new every year, it's left online and has a great difficulty progression)
• https://microcorruption.com/login (one of the best interfaces, a good difficulty curve and introduction to low-level reverse engineering, specifically on an MSP430)
• http://ctflearn.com/ (a new CTF based learning platform with user-contributed challenges)
• http://reversing.kr/
• http://hax.tor.hu/
• https://w3challs.com/
• https://pwn0.com/
• https://io.netgarage.org/
• http://ringzer0team.com/
• http://www.hellboundhackers.org/
• http://www.overthewire.org/wargames/
• http://counterhack.net/Counter_Hack/Challenges.html
• http://www.hackthissite.org/
• http://vulnhub.com/
• http://ctf.komodosec.com
• https://maxkersten.nl/binary-analysis-course/ (suggested by /u/ThisIsLibra, a practical binary analysis course)
• https://pwnadventure.com (suggested by /u/startnowstop)

http://picoctf.com is very good if you are just touching the water.

and finally,

r/netsec - where real world vulnerabilities are shared.

https://purplesquadsec.com/

https://www.willchatham.com/general/the-unofficial-oscp-faq/

https://latesthackingnews.com/2018/09/25/qa-with-17-year-old-oscp-kunal-khubchandani-his-thoughts-on-oscp/

https://veteransec.com/2018/09/21/not-your-ordinary-oscp-review/

https://www.jpsecnetworks.com/week-1-oscp-preparation-lab-setup/

 

https://timborninkhof.com/oscp-exam-review/

 

World Economic Forum

Emerging technologies

https://www.weforum.org/focus/emerging-technologies-2016

Directory of Open Access Journals (DOAJ)

Interesting reading

https://doaj.org/

Security

Staying safe out there ...

https://securityinabox.org/en

https://www.torproject.org/

https://www.whonix.org/ 

https://tails.boum.org/ 

https://www.qubes-os.org/doc/privacy/torvm/ 

https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy 

https://www.whonix.org/wiki/Comparison_with_Others 

http://www.wifislax.com/ 

Games, Toys, diversions...

A list of game sites...

(Mostly Indie Games)

itch.io

Indiegala

GameJolt

Indie Games – The Weblog

TIGSource

Rock, Paper, Shotgun

RGCD

Jay Is Games

owVideogames

Indie N

Hookshot Inc.

IndieLove

Indie Statik

BigSushi.fm

Extra Guy

The Indie Game Magazine

The Penny Arcade Report

Quote Unquote

Play This Thing

IndieDB

Gnome’s Lair

Indie Impressions

Open Source Intelligence (OSINT) gathering tools and resources.

Open Source Intelligence (OSINT) gathering tools and resources.

• Spokeo – People search engine and free white pages finds phone, address, email, and photos. Find people by name, email, address, and phone for free.
• theHarvester – This tool is intended to help Penetration testers in the early stages of the penetration test in order to understand the customer footprint on the Internet. It is also useful for anyone that wants to know what an attacker can see about their organization.
• Shodan – Search for computers based on software, geography, operating system, IP address and more
• Maltego – Maltego is a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates. Maltego’s unique advantage is to demonstrate the complexity and severity of single points of failure as well as trust relationships that exist currently within the scope of your infrastructure.
• Hoovers – Search over 85 million companies within 900 industry segments; Hoover’s Reports Easy-to-read reports on key competitors, financials, and executives
• Market Visual – Search Professionals by Name, Company or Title
• GEOCreepy – GEOCreepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services.
• Recorded Future – Recorded Future intelligence analysis tools help analysts understand trends in big data, and foresee what may happen in the future. Groundbreaking algorithms extract temporal and predictive signals from unstructured text. Recorded Future organizes this information, delineates results over interactive timelines, visualizes past trends, and maps future events– all while providing traceability back to sources. From OSINT to classified data, Recorded Future offers innovative, massively scalable solutions.
• Snoopy – Snoopy is a distributed tracking and profiling framework
• Stalker – STALKER is a tool to reconstruct all captured traffic (wired or wireless alike) and parse out all of the “interesting” information disclosures.  It goes beyond just grabbing passwords and emails out of the air as it attempts to build a complete profile of your target(s).  You would be amazed at how much data you can collect in 15 minutes.
• LittleSis – LittleSis is a free database of who-knows-who at the heights of business and government.
• Entity Cube – EntityCube is a research prototype for exploring object-level search technologies, which automatically summarizes the Web for entities (such as people, locations and organizations) with a modest web presence.
• TinEye – TinEye is a reverse image search engine currently in beta. Give it an image and it will tell you where the image appears on the web.
• Google Hacking DB – Google Search Query Fu to find the secret sauce
• MyIPNeighbours – My IP Neighbors lets you find out if any other web sites (“virtual hosts”) are hosted on a given web server.
• Social Mention – Social Mention is a social media search engine that searches user-generated content such as blogs, comments, bookmarks, events, news, videos, and more
• Glass Door – Search jobs then look inside. Company salaries, reviews, interview questions, and more – all posted anonymously by employees and job seekers.
• NameCHK – Check to see if your desired username or vanity url is still available at dozens of popular Social Networking and Social Bookmarking websites.
• Scythe – The ability to test a range of email addresses (or account names) across a range of websites (e.g. social media, blogging platforms, etc) to find where those targets have active accounts.
• Recon-NG – A nice Python Script that automates recon on LinkedIn, Jigsaw, Shodan and some search engine fu.
• Pushpin – Awesome little Python script that will identify every tweet, flicker pic and Youtube video within an area of a specific Geo address.
• Silobreaker – Enterprise Semantic Search Engine, allows virtualisation of data, analytics and exploration of key data.
• Google Trends – See what are the popular related topics people are searching for. This will help widen your search scope.
• Google Alerts – Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your queries.
• Addict-o-matic – Nice little search aggregator. Allows you to enter a search term and build a page from search and social networking sites.
• PasteLert – PasteLert is a simple system to search pastebin.com and set up alerts (like google alerts) for pastebin.com entries. This means you will automatically recieve email whenever your term(s) is/are found in new pastebin entries!
• CheckUsernames – Check for usernames across 160 Social Networking Sites.
• Whos Talkin – social media search tool that allows users to search for conversations surrounding the topics that they care about most.
• 192 – Search for People, Businesses and Places in the UK.
• TouchGraph SEO – Java based tool for importing and visualising various data types.
• Tweet Archivist – Tweets are ephemeral. Tweets disappear. Why? That’s the way Twitter is designed. Tweet Archivist can save those tweets before they’re gone. Now, to be clear, Tweet Archivist is not an archive of every tweet ever tweeted. It doesn’t have a database of all tweets.
• Whoisology – Handy little search engine based on Whois data to identify domains owned by a specific contact.
• Carrot2 – Nice little visualisation search engine.
• iSeek – Another handy search engine that break results down into easy to manage categories.
• GlobalFileSearch – An FTP Search Engine that may come in handy.
• NerdyData – Neat search engine that works at the source code level.
• OneMillionTweetMap – Provides visual confirmation of tweets where geotags are enabled, also provides heatmaps for heavy tweet areas.
• SpiderFoot – The main objective of SpiderFoot is to automate this process to the greatest extent possible, freeing up a penetration tester’s time to focus their efforts on the security testing itself.
• Username Search – Handy site that will search multiple sites for usernames, email addresses and phone numbers.
• PlaTO – Searchable list for sites that store credentials in plaintext (taken from Plaintext Offenders)
• GitRob – Handy OSINT tool for finding interesting things related to an organisation in GitHub
• LeakedIn – Aggregator site for data samples lost or disclosed online
• Default Passwords List – Great list on CIRT.net of default passwords for various devices which often comes in handy.
• Searchcode – Handy source code search engine to find code thats been shared online. May contain usernames, passwords, specific strings, etc.