Notes

OSEP Checklist

Byaghanim November 9, 2023December 15, 2023

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub

Web Application:

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec
BAD PDF

MSSQL:

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Privilege Escalation:

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

Lateral Movement:

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass the Ticket
Tickets in /tmp
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound/SharpHound[.exe/.ps1]
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS
Reuse of passwords (.\administrator NOT domain\administrator)
adPeas.ps1

Notes

THM – Walking An Application – Part 3

Byaghanim December 22, 2021January 25, 2022

This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionExploring The WebsiteViewing the Page SourceHow do I view the Page Source?Let’s view some Page Source!Developer Tools – InspectorDeveloper ToolsInspectorDeveloper Tools – DebuggerDeveloper Tools – DebuggerDeveloper Tools –…

Notes

THM – Windows Exploitation Basics – Part 17

Byaghanim September 29, 2021January 25, 2022

This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsWindows file system and permissions explainedUnderstanding the authentication process Windows file system and permissions explained What is the file system? It…

Notes

THM – How Websites Work – Part 9

Byaghanim May 22, 2021January 25, 2022

Table Of ContentsHow websites work HTML JavaScript Sensitive Data Exposure HTML Injection How websites work When you visit a website, your browser makes a request to a web server asking for information about the page you’re visiting and will respond with data that your browser uses to show you the page; a web server is just a dedicated computer that handles your requests. …

Notes

Buffer Overflow – Notes and cheatsheet

Byaghanim March 21, 2022September 25, 2022

Buffers are memory storage regions that temporarily hold data while it is being transferred from one location to another. A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory…

Notes

THM – Content Discovery – Part 4

Byaghanim December 22, 2021January 25, 2022

This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is content Discovery?Manual Discovery – Robots.txtRobots.txtManual Discovery – FaviconFaviconManual Discovery – Sitemap.xmlSitemap.xmlManual Discovery – HTTP HeadersHTTP HeadersManual Discovery – Framework StackFramework StackOSINT – Google Hacking/DorkingGoogle Hacking /…

Notes

THM – SSRF – Part 9

Byaghanim December 30, 2021January 25, 2022

This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an SSRF?Types of SSRFWhat’s the impact?SSRF ExamplesFinding an SSRFDefeating Common SSRF DefensesDeny ListAllow ListOpen Redirect What is an SSRF? SSRF stands for Server-Side Request Forgery. It’s…

Similar Posts