Notes

OSEP Checklist

Byaghanim November 9, 2023December 15, 2023

Last Updated on December 15, 2023 by aghanim

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub

Web Application:

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec
BAD PDF

MSSQL:

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Privilege Escalation:

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

Lateral Movement:

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass the Ticket
Tickets in /tmp
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound/SharpHound[.exe/.ps1]
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS
Reuse of passwords (.\administrator NOT domain\administrator)
adPeas.ps1

Notes

THM – Command Injection – Part 11
Byaghanim December 30, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is Command Injection?Discovering Command InjectionExploiting Command InjectionDetecting Blind Command InjectionLinux WindowsRemediating Command InjectionVulnerable FunctionsInput sanitisationBypassing FiltersPractical: Command InjectionWhat user is…

Read More THM – Command Injection – Part 11
Notes

THM – Encryption – Part 16
Byaghanim September 26, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsKey TermsWhy is Encryption importantRSA – Rivest Shamir AdlemanDigital signatures and CertificatesSSH AuthenticationExplaining…

Read More THM – Encryption – Part 16
Notes

AV Evasion 101: Essential Techniques and Concepts
Byaghanim February 7, 2023December 11, 2023

Last Updated on December 11, 2023 by aghanim Table Of ContentsSourceGood toolsMalware forums/channels/discordTest payload against AVDefcon – Writing custom backdoor payloads with C#Step by Step for obfuscating codeAV Evasion MindMap – From Start to finishGeneral AV Evasion cheatsheetCheck AV – Running, Exclusion, DisableWindows FirewallPowershell – ASMI bypass methods, Disable AV, etcAMSI BypassBypass CLM (Constrained Language…

Read More AV Evasion 101: Essential Techniques and Concepts
Notes

Active Directory – Notes, Methodology, Cheatsheet
Byaghanim June 15, 2022October 17, 2025

Last Updated on October 17, 2025 by aghanim These are my notes from the Active Directory networks at TryHackMe, as well as notes from other sources. Inspo: Work in progress Table Of ContentsReferences MatrixLOLBAS – Living off the landWADComs – Very useful cheatsheetIcebreakerAD MethodologyMindmap – Current 2025Mindmap – Nr 2Mindmap – Nr 3Active Directory TheoryObject…

Read More Active Directory – Notes, Methodology, Cheatsheet
Notes

Pivoting and port forwarding guide
Byaghanim August 25, 2022June 1, 2023

Last Updated on June 1, 2023 by aghanim This is notes taken from the THM room ‘Wreath’, which is a great room for learning Active Directory and pivoting. https://www.tryhackme.com/room/wreath And from other sources. Table Of ContentsSummaryWhat is pivoting?High level overviewEnumerationProxychains & FoxyProxyProxychainsFoxyProxySSH Tunnelig / Port ForwardingForward ConnectionsNMAP with SSH proxyReverse ConnectionsSSH Remote Port Forwarding (From…

Read More Pivoting and port forwarding guide
Notes

THM – Metasploit Complete Documentation – Part 14
Byaghanim January 1, 2022January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsMetasploit: IntroductionMain Components of MetasploitMsfconsole exploit rankMetasploit: ExploitationTopicsScanningThe Metasploit DatabaseVulnerability ScanningExploitationWorking with sessionsMsfvenomOutput formatsEncodersOther PayloadsMeterpreterPost-Exploitation with MeterpreterHelpMeterpreter commandsMigrateHashdumpSearchShellPost-Explotation Challenge Metasploit:…

Read More THM – Metasploit Complete Documentation – Part 14

Similar Posts