Advertisement
Guest User

Untitled

a guest
Feb 17th, 2017
3,985
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.83 KB | None | 0 0
  1. Good reviews of CTP/OSCE (in no particular order):
  2. Note: * mark means look for other posts on this blog
  3. https://www.jollyfrogs.com
  4. *http://www.securitysift.com/offsec-ctp-osce/
  5. *http://buffered.io/posts/osce-and-me/
  6. http://www.iodigitalsec.com/offensive-security-ctp-course-and-osce-certification-review/
  7. *http://ethicalhacker.io/post/137403906740/osce-exam-prep
  8. https://blog.g0tmi1k.com/2013/08/cracking-perimeter-ctp-offensive/
  9. *https://infamoussyn.com/resources/
  10. http://www.vividmachines.com/shellcode/shellcode.html
  11. http://www.primalsecurity.net/course-review-osce/
  12. *http://netsec.ws/?p=517
  13. http://tekwizz123.blogspot.sg/2014/09/osce-review-and-experience.html
  14. https://networkfilter.blogspot.sg/2016/01/my-osce-review.html
  15. https://www.blogtecnico.net/certificacion-osce-review-cracking-the-perimeter-ctp/
  16. ******* https://github.com/reider-roque
  17. http://shell-storm.org/shellcode/
  18.  
  19. Tutorial sites (more stars = better/recommended):
  20. https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
  21. http://www.0daysecurity.com/pentest.html
  22. http://ly0n.me/2015/10/19/lfi-beyond-procselfenviron/
  23. ********************http://phrack.org/issues/62/7.html
  24. ***************************http://0xdabbad00.com/2012/12/09/hurdles-for-a-beginner-to-exploit-a-simple-vulnerability-on-modern-windows/
  25. **********************https://community.rapid7.com/community/metasploit/blog/2012/07/05/part-1-metasploit-module-development--the-series
  26. ***** http://resources.infosecinstitute.com/intro-to-fuzzing/
  27. ******* https://madmantm.wordpress.com/
  28. https://www.fuzzysecurity.com/tutorials.html
  29. https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
  30. http://netsec.ws/?p=180
  31. http://netsec.ws/?p=430
  32. http://netsec.ws/?cat=57
  33. ************************http://blog.stalkr.net/2011/04/pctf-2011-22-hashcalc1.html
  34. https://ionize.com.au/its-all-about-inclusion/
  35. https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/
  36. https://www.idontplaydarts.com/2011/03/php-remote-file-inclusion-command-shell-using-data-stream/
  37. https://www.idontplaydarts.com/2011/02/using-php-filter-for-local-file-inclusion/
  38. https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
  39. https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
  40. http://carnal0wnage.attackresearch.com/
  41. **https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
  42. https://www.kernel-exploits.com/
  43. http://www.thegreycorner.com/2010/01/seh-stack-based-windows-buffer-overflow.html
  44. http://www.thegreycorner.com/2010/02/windows-buffer-overflow-tutorial.html
  45. http://www.thegreycorner.com/2010/01/beginning-stack-based-buffer-overflow.html
  46. https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/
  47. https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
  48. https://www.corelan.be/index.php/2010/03/27/quickzip-stack-bof-0day-a-box-of-chocolates/
  49. https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
  50. https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
  51. https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
  52. https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
  53. https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
  54. https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
  55. https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
  56. https://www.corelan.be/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/
  57. https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/
  58. https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/
  59. https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
  60. https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
  61. https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
  62. ***** https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
  63. https://github.com/sploitfun/lsploits
  64. http://blog.pusheax.com/2013/03/exploit-writing-stack-based-buffer.html
  65. http://www.keystone-engine.org/docs/tutorial.html
  66. http://resources.infosecinstitute.com/analysis-of-malware-samples/
  67. http://www.fuzzysecurity.com/tutorials/7.html
  68. ***** https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/
  69. ** http://phrack.org/issues/67/13.html
  70. http://www.securepla.net/
  71. ***** http://programming4.us/security/688.aspx
  72. http://resources.infosecinstitute.com/buffer-overflow-vulnserver/
  73. ***** http://www.primalsecurity.net/0x8-exploit-tutorial-the-elusive-egghunter/
  74. ********** https://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-day/
  75. *********************** http://www.flinkd.org/2011/07/fuzzing-with-peach-part-1/
  76. ************ http://realpentesting.blogspot.sg/2013/04/0day-bug-hunting-realpentesting.html
  77. ******** https://samsclass.info/127/proj/vuln-server.htm
  78. **************** http://www.rockfishsec.com/2014/01/fuzzing-vulnserver-with-peach-3.html
  79. ********************* http://www.thegreycorner.com/p/vulnserver.html
  80. *********** http://resources.infosecinstitute.com/seh-exploit/
  81. *****************https://www.offensive-security.com/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/
  82.  
  83.  
  84. Cheatsheets:
  85. https://highon.coffee/blog/lfi-cheat-sheet/
  86. http://ethicalhacker.io/post/137403906740/osce-exam-prep
  87. https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
  88. http://htmlpurifier.org/live/smoketests/xssAttacks.php
  89. https://www.bnxnet.com/wp-content/uploads/2015/01/WinAPIs_for_hackers.pdf
  90. http://www.securepla.net/wiki/index.php?title=Cheat_Sheets
  91. http://www.securepla.net/wiki/index.php?title=Network_Attack_Cheat_Sheet
  92. https://www.securepla.net/wiki/index.php?title=Web_App_Cheat_Sheet
  93. http://www.securepla.net/wiki/index.php?title=Web_Scanning_Cheat_Sheet
  94. http://www.securepla.net/wiki/index.php?title=Malware_Cheat_Sheet
  95. http://sparksandflames.com/files/x86InstructionChart.html
  96.  
  97. Good practice sites:
  98. http://www.primalsecurity.net/tutorials/exploit-tutorials/
  99. http://www.securitysift.com/windows-exploit-development-part-6-seh-exploits/
  100. https://v00d00sec.com/2015/09/14/manually-backdooring-windows-executables/
  101. https://www.corelan.be/index.php/articles/
  102. http://fuzzysecurity.com/tutorials.html
  103. http://exploit-exercises.com/protostar
  104. http://exploit-exercises.com/fusion
  105. http://ihazomgsecurityskillz.blogspot.com/
  106. http://opensecuritytraining.info/Training.html
  107. https://trailofbits.github.io/ctf/index.html
  108. http://tuts4you.com/download.php?list.17
  109. http://tuts4you.com/download.php?list.29
  110. http://tuts4you.com/download.php?list.3
  111. http://www.openrce.org/downloads/
  112. http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/index.html
  113. http://tuts4you.com/download.php?list.67
  114. http://www.binary-auditing.com/
  115. https://blog.g0tmi1k.com/dvwa/index/
  116. http://www.vividmachines.com/shellcode/shellcode.html
  117. https://www.exploit-db.com/exploits/17527/
  118. https://www.exploit-db.com/exploits/11834/
  119. https://www.exploit-db.com/exploits/11872/
  120. https://www.exploit-db.com/exploits/11764/
  121. https://www.exploit-db.com/exploits/11656/
  122. https://www.exploit-db.com/exploits/33453/
  123. https://github.com/WebGoat/WebGoat
  124. http://www.gironsec.com/blog/2016/06/backdooring-a-dll/
  125. http://blog.knapsy.com/blog/2015/11/25/easy-file-sharing-web-server-v7-dot-2-remote-seh-buffer-overflow-dep-bypass-with-rop/
  126. https://www.offensive-security.com/0day/quick-tftp-poc.py.txt
  127. https://www.exploit-db.com/author/?a=278
  128. **** https://samsclass.info/127/proj/p4-lbuf-shell.htm
  129. **** http://www.securitysift.com/windows-exploit-development-part-1-basics/
  130. ******* https://securitycafe.ro/2015/10/30/introduction-to-windows-shellcode-development-part1/
  131. ******* https://securitycafe.ro/2015/12/14/introduction-to-windows-shellcode-development-part-2/
  132. ************* http://www.vividmachines.com/shellcode/shellcode.html
  133.  
  134. Vulnerable machines:
  135. vulnhub VMs:
  136. SickOS 1.1
  137. SickOS 1.2
  138. Droopy v0.2
  139. Kevgir
  140. Pegasus
  141. SecTalks: BNE0x00 - Minotaur
  142. SecTalks: BNE0x03 - Simple
  143. NullByte: 1
  144. FristiLeaks 1.3
  145. OWASP Vulnerable Web Applications Directory Project
  146. Mutillidae
  147. Damn Vulnerable Web Application
  148.  
  149. LFI/RFI
  150. https://penetrate.io/2014/01/10/from-rfi-to-shell/
  151.  
  152. Backdooring files with Python:
  153. https://github.com/secretsquirrel/the-backdoor-factory
  154.  
  155. eBooks downloads:
  156. http://www.ebook777.com/gray-hat-hacking-ethical-hackers-handbook-fourth-edition/
  157. https://github.com/JpGallegos/CySecBooks
  158. https://www.securepla.net/the-hacker-playbook-2/
  159. "Hacking: The Art of Exploitation"
  160.  
  161. https://www.linkedin.com/pulse/osce-cracking-perimeter-experience-sunny-neo
  162. - Fuzzing (Scapy, TAO, Sulley)
  163. - Linux Exploitation (vanila stack overflow, return to Glibc - NX bypass, repairing stack canaries, ASLR bypasses) and Windows exploitation (SEH overwrite, Return Oriented Programming into disabling DEP)
  164. - Web Application Hacker's Handbook (might be too large: Consider "webgoat")
  165.  
  166. Various sites:
  167. http://www.sweetscape.com/ (010 Editor)
  168. https://github.com/campagnola/pycca
  169. https://github.com/Gallopsled/pwntools
  170. https://github.com/reyammer/shellnoob
  171. https://zeltser.com/convert-shellcode-to-assembly/
  172. http://files.cnblogs.com/files/exclm/ollydbg_cmdline_cheat_sheet.pdf
  173. http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html
  174. https://www.digitalocean.com/community/tutorials/how-to-use-bash-history-commands-and-expansions-on-a-linux-vps
  175. https://github.com/peterferrie/win-exec-calc-shellcode
  176. http://www.secniu.com/why-my-shellcode-cannot-work/
  177. http://thestarman.pcministry.com/asm/2bytejumps.htm
  178. http://blog.noobroot.com/
  179. https://www.exploit-db.com/exploits/5342/
  180. http://exploit.co.il/hacking/manual-egghuntershellcode-encoding/
  181. https://github.com/salcho/codetz
  182. http://xangosec.blogspot.sg/2014/08/automating-sub-encoder.html
  183. http://www.fuzzing.org/
  184. http://resources.infosecinstitute.com/pattern-based-approach-memory-shellcodes-detection/
  185. https://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/
  186. https://0x41.no/hacking-networks-with-snmp/
  187. http://danielebellavista.blogspot.sg/2014/10/ia32-shellcodes-get-eip-value.html
  188. http://www.thepentesters.net/tutorials/tricks-escaping-linux-restricted-shells/
  189. http://codemachine.com/downloads.html
  190.  
  191. Fun random stuff:
  192. http://patriciopalladino.com/files/hieroglyphy/
  193. http://n01g3l.tumblr.com/
  194. https://twitter.com/ch3rn0byl/status/832681279900487680
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement