I’m in the process of working my way through the Offensive Security’s PWK labs, in preparation for the OSCP exam. Here are some of the links that have proven useful to me so far. At some future date I’ll organize them.
- Windows File Traversal Cheatsheet”
- http://www.0daysecurity.com/penetration-testing/enumeration.html
- http://pentest.tonyng.net/timo-sablowskis-oscp-note/
- http://www.carnal0wnage.com/
- http://www.carnal0wnage.com/papers/LARES-ColdFusion.pdf
- https://0xdf.gitlab.io/2018/12/02/pwk-notes-smb-enumeration-checklist-update1.html
- https://bayo.opadeyi.net/2011/06/copy-files-between-linux-and-windows.html
- https://blog.g0tmi1k.com/
- https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
- https://blog.propriacausa.de/wp-content/uploads/2016/07/oscp_notes.html
- https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
- https://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html
- https://forums.offensive-security.com/showthread.php?12301-Difference-between-two-shells&highlight=shell+upgrade
- https://github.com/codingo/OSCP-2/blob/master/Documents/Proxychains%20with%20Windows%20machine.pdf
- https://github.com/g0tmi1k/debian-ssh
- https://github.com/securesocketfunneling
- https://github.com/sshuttle
- https://github.com/xapax/security/blob/master/privilege_escalation_windows.md
- https://guide.offsecnewbie.com/privilege-escalation/windows-pe
- https://medium.com/bugbountywriteup/pimp-my-shell-5-ways-to-upgrade-a-netcat-shell-ecd551a180d2
- https://pentestacademy.wordpress.com/2016/06/21/common-windows-commands-for-pentesters/
- https://pentesterlab.com/exercises/from_sqli_to_shell_II/course
- https://securesocketfunneling.github.io
- https://security.stackexchange.com/questions/120708/nmap-through-proxy/120723#120723
- https://security.stackexchange.com/questions/122561/how-to-use-nmap-through-proxychains?noredirect=1
- https://securityonline.info/windows-command-line-kung-fu/
- https://sushant747.gitbooks.io/total-oscp-guide/
- https://systemoverlord.com/2018/02/14/preparing-for-penetration-testing-with-kali-linux.html#time-management
- https://unix.stackexchange.com/questions/4126/what-is-the-exact-difference-between-a-terminal-a-shell-a-tty-and-a-con
- https://unix.stackexchange.com/questions/43385/what-do-you-mean-by-interactive-shell
- https://www.absolomb.com/2018-01-26-Windows-Privilege-Escalation-Guide/
- https://www.cybrary.it/0p3n/prep-guide-offsecs-pwkoscp/
- https://www.fuzzysecurity.com/
- https://www.gnucitizen.org/blog/coldfusion-directory-traversal-faq-cve-2010-2861/