Knowledge Bases

List of knowledge bases to check as-and-when

Universal

• https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html
• https://hacktricks.boitatech.com.br/pentesting/873-pentesting-rsync
• https://github.com/0xsyr0/oscp
• https://gabb4r.gitbook.io/oscp-notes
• https://github.com/Poellie01/OSCP-Notes/tree/main
• https://github.com/mohinparamasivam/Red-Teaming-Notes
• https://github.com/Rai2en/OSCP-Notes

Especially useful for phishing among other things

• https://liodeus.github.io/2020/09/18/OSCP-personal-cheatsheet.html

Useful for privesc

• https://www.hackingarticles.in/category/privilege-escalation/

More specific exploits in these ones (HTB guys)

• https://0xdf.gitlab.io/cheatsheets/
• https://ippsec.rocks/#

Linux

Useful (holistically) for linux

• https://sirensecurity.io/blog/linux-privilege-escalation-resources/

Check this one on Linux for some more specific linux privescs, e.g. Update-Motd Privesc

• https://exploit-notes.hdks.org/exploit/linux/privilege-escalation/update-motd-privilege-escalation/

Windows

Useful for Windows

• https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md

Active Directory

Check this religiously before the other ones

• https://gist.github.com/ssstonebraker/a1964b2f20acc8edb239409b6c4906ce#trust-relationship-between-domains

Absolutely killer for AD

• https://viperone.gitbook.io/pentest-everything/everything/everything-active-directory/ad-enumeration
• https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

Useful for AD lateral movement

• https://github.com/brianlam38/OSCP-2022/blob/main/cheatsheet-active-directory.md#AD-Lateral-Movement-1

Privileges

• https://github.com/nickvourd/Windows-Local-Privilege-Escalation-Cookbook/blob/master/Notes/AlwaysInstallElevated.md

More specific AD links

• 24.1 - Useful Links

Miscellaneous - CHECK REGARDLESS

List to add to chapter 1

• https://www.brunorochamoura.com/posts/cpts-tips/field-manual-structure.png
• https://hackviser.com/tactics/pentesting/services/rsync

Really long lists but worth checking

• https://github.com/slyth11907/Cheatsheets
• https://github.com/0xJs/RedTeaming_CheatSheet/tree/main
• https://github.com/Bsal13/Offensive-Security-Proving-Grounds-Boxes
• https://github.com/maksyche/pentest-everything/tree/master/enum_and_exploit/tcp-20-21-ftp
• https://book.hacktricks.wiki/en/index.html

May need to check if these are useable on the exam

• https://gist.github.com/juanga333/fcd2699af8b38321e1acc7b7533445ef#ssh

Incredibly important cannot be ignored 10/10

• https://www.youtube.com/watch?v=TYLcYGZXODY