Links:
https://www.offensive-security.com/
https://github.com/OlivierLaflamme/Cheatsheet-God
https://scriptdotsh.com/
Study Materials:
Advanced Penetration Testing - https://www.cybrary.it/course/
Python for Security Professionals - https://cybrary.it/course/
Zero to Hero Pentesting - https://www.youtube.com/
Beginner Linux for Ethical Hackers - https://www.youtube.com/
Buffer Overflows Made Easy - https://www.youtube.com/
Communities:
The CyberSec Lounge Discord – https://discord.gg/nVsfhFk
The Many Hats Club Discord – https://discord.gg/infosec
The Cyber Mentor Discord – https://discord.gg/REfpPJB
VetSec Slack (Military) – https://veteransec.com/slack
The Penetration Testing Community Discord – https://discord.gg/GXsEJqj
Laptop Hacking Coffee Discord – https://discord.gg/WfYmeKv
Hacker101 Discord – https://discord.gg/Da6JskV
NetSecStudents Discord – https://discord.gg/usn6qc6
Alternatives: eLearnSecurity PTP - https://www.elearnsecurity.
There's a ton of resources online for OSCP. Check out abatchy's prep guide: https://www.abatchy.com/2017/
Some VMs to practise on:
(#1) Kioptrix: 2014 https://www.vulnhub.com/entry/
(#2) FristiLeaks: 1.3 https://www.vulnhub.com/entry/
(#3) Stapler: 1 https://www.vulnhub.com/entry/
(#4) VulnOS: 2 https://www.vulnhub.com/entry/
(#5) SickOs: 1.2 https://www.vulnhub.com/entry/
(#6) Brainpan: 1 https://www.vulnhub.com/entry/
(#7) HackLAB: Vulnix https://www.vulnhub.com/entry/
(#8) /dev/random: scream https://www.vulnhub.com/entry/
(#9) pWnOS: 2.0 https://www.vulnhub.com/entry/
(#10) SkyTower: 1 https://www.vulnhub.com/entry/
https://norseblog.org/2018/07/05/oscp-journey/
What is CTF? (this channel is gold, use it) - https://www.youtube.com/watch?
More on /u/liveoverflow, http://www.liveoverflow.com is hands down one of the best places to learn, along with r/liveoverflow
CTF compact guide - https://ctf101.org/
Upcoming CTF events online/irl, live team scores - https://ctftime.org/
What is CTF? - https://ctftime.org/ctf-wtf/
Full list of all CTF challenge websites - http://captf.com/practice-ctf/
> be careful of the tool oriented offensivesec oscp ctf's, they teach you hardly anything compared to these ones and almost always require the use of metasploit or some other program which does all the work for you.
- http://pwnable.tw/ (a newer set of high quality pwnable challenges)
- http://pwnable.kr/ (one of the more popular recent wargamming sets of challenges)
- https://picoctf.com/ (Designed for high school students while the event is usually new every year, it's left online and has a great difficulty progression)
- https://microcorruption.com/
login (one of the best interfaces, a good difficulty curve and introduction to low-level reverse engineering, specifically on an MSP430) - http://ctflearn.com/ (a new CTF based learning platform with user-contributed challenges)
- https://maxkersten.nl/binary-
analysis-course/ (suggested by /u/ThisIsLibra, a practical binary analysis course) - https://pwnadventure.com (suggested by /u/startnowstop)
http://picoctf.com is very good if you are just touching the water.
and finally,
r/netsec - where real world vulnerabilities are shared.
https://timborninkhof.com/oscp-exam-review/
No comments:
Post a Comment