CPTS / OSCP

Wordlist

# WEB
/usr/share/wordlists/dirb/common.txt
/usr/share/dirb/wordlists/big.txt
/usr/share/wordlists/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt
/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt
# Passwords
/usr/share/wordlists/rockyou.txt
# Usernames
/usr/share/wordlists/dirb/others/names.txt

# Password Leaks
https://scatteredsecrets.com
https://weleakinfo.io
https://haveibeenpwned.com

# Hashcat rules
/usr/share/hashcat/rules/

# Precompiled binaries for Windows
/usr/share/windows-resources/

Cheat Sheet

https://github.com/0xsyr0/oscp
https://github.com/bryanqb07/oscp_notes
https://github.com/xsudoxx/OSCP
https://freedium.cfd/https://medium.com/@hunterid/recommendation-for-oscp-8477b0007154
https://github.com/intotheewild/OSCP-Checklist/
https://krovs.github.io/oscp-notes/
https://github.com/brianlam38/OSCP-2022/
https://www.linkedin.com/pulse/muhammad-nomans-oscp-journey-comprehensive-review-noman-khalid-rwmse/

# For AD
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
https://watchdogsacademy.gitbook.io/attacking-active-directory/
https://aditya-3.gitbook.io/oscp/
https://github.com/drak3hft7/Cheat-Sheet---Active-Directory

Scenarios

# File Read
/home/user/.ssh/id_rsa
/home/user/.ssh/id_ecdsa

- Always try the machine name as user:pass OR admin:admin OR default creds
- Try the share folder name as a web directory
- If a page requires auth, try adding: Authorization: Basic YWRtaW46YWRtaW4=

Troubleshooting

# VPN issue with RDP
sudo ifconfig tun0 mtu 1250

https://help.offsec.com/hc/en-us/articles/360046293832-Common-VPN-and-Machine-VM-Issues

Resources

https://gtfobins.github.io
https://lolbas-project.github.io
https://wadcoms.github.io
https://swisskyrepo.github.io/InternalAllTheThings
https://swisskyrepo.github.io/PayloadsAllTheThings
https://ippsec.rocks
https://www.netexec.wiki
https://book.hacktricks.wiki
