Notes

OSEP Checklist

Byaghanim November 9, 2023December 15, 2023

Last Updated on December 15, 2023 by aghanim

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub

Web Application:

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec
BAD PDF

MSSQL:

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Privilege Escalation:

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

Lateral Movement:

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass the Ticket
Tickets in /tmp
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound/SharpHound[.exe/.ps1]
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS
Reuse of passwords (.\administrator NOT domain\administrator)
adPeas.ps1

Notes

THM – File Inclusion – Part 8
Byaghanim December 30, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path…

Read More THM – File Inclusion – Part 8
Notes

Handbook V – Maldev
Byaghanim December 20, 2023October 16, 2025

Last Updated on October 16, 2025 by aghanim Work in Progress Table Of ContentsCoursesSourcesx86 & x64 Assembler and DisassemblerCallback function listExample: Using CertEnumSystemStore Convert raw shellcode to raw binary formatEDR TelematryEDR Telematry v2Entropy reductionHijackLibsJoesandbox – Malware AnalysisMalapi.ioNo-defenderNtDoc – The native NT API online documentationParasite-invokeReverse engineering of everything MicrosoftVergilius projectUnprotect.itEvasion techniquesWindows Icons Courses SEKTOR7 Institute https://maldevacademy.com/ EvasionEDR…

Read More Handbook V – Maldev
Notes

THM – SSRF – Part 9
Byaghanim December 30, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is an SSRF?Types of SSRFWhat’s the impact?SSRF ExamplesFinding an SSRFDefeating Common SSRF DefensesDeny ListAllow ListOpen Redirect What is an…

Read More THM – SSRF – Part 9
Notes

THM – Metasploit Complete Documentation – Part 14
Byaghanim January 1, 2022January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsMetasploit: IntroductionMain Components of MetasploitMsfconsole exploit rankMetasploit: ExploitationTopicsScanningThe Metasploit DatabaseVulnerability ScanningExploitationWorking with sessionsMsfvenomOutput formatsEncodersOther PayloadsMeterpreterPost-Exploitation with MeterpreterHelpMeterpreter commandsMigrateHashdumpSearchShellPost-Explotation Challenge Metasploit:…

Read More THM – Metasploit Complete Documentation – Part 14
Notes

THM – Network Services – MySQL – Part 8
Byaghanim April 4, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding MySQL Enumerating MySQL Exploit MySQL Understanding MySQL What is MySQL? In its simplest definition, MySQL is a relational database management system (RDBMS) based on Structured Query Language (SQL). Database: A database is simply a persistent, organized collection of structured data. RDBMS: A software or service used to create and manage databases based on…

Read More THM – Network Services – MySQL – Part 8
Notes

Command And Control – C2 Framework
Byaghanim October 17, 2022October 3, 2024

Last Updated on October 3, 2024 by aghanim This is a list of Command and control (C2) servers that I’ve tested. Table Of ContentsCobalt StrikeCovenantInstallation and setupLisenersGruntsPowershell-Empire with StarkillerPoshC2GodGenesisMetasploitSliverLinks and tutorialInstallSliver and MetasploitBeacon vs sessionGenerating HTTP(S) Implants with certificateExtensions (Armory)CheatsheetExample getting beacon with msfBypassing defender with staged process hollowingHavoc C2InstallInstall the dependenciesUbuntu 20.04 / 22.04Kali…

Read More Command And Control – C2 Framework

Similar Posts