Notes

OSEP Checklist

Byaghanim November 9, 2023December 15, 2023

Last Updated on December 15, 2023 by aghanim

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub

Web Application:

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec
BAD PDF

MSSQL:

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Privilege Escalation:

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

Lateral Movement:

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass the Ticket
Tickets in /tmp
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound/SharpHound[.exe/.ps1]
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS
Reuse of passwords (.\administrator NOT domain\administrator)
adPeas.ps1

Notes

THM – Network Services – Telnet – Part 5
Byaghanim April 4, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding telnet Enumerating Telnet Exploiting telnet Understanding telnet What is telnet? Telnet is an application protocol which allows you, with the use of telnet client, to connect to and execute commands on a remote machine that’s hosting a telnet server. The telnet client will establish a connection with the server. The client will then…

Read More THM – Network Services – Telnet – Part 5
Notes

THM – Burp suite – Part 11
Byaghanim May 22, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsIntro Proxy Target Definition TASKS Tasks Tasks Tasks Tasks Intro Burp Suite is a framework of web appliccation pentesting tool. It is used to perform web app testing. To install burp suite follow this guide. https://portswigger.net/burp/documentation/desktop/getting-started Overview of Features Proxy – What allows us to funnel traffic through Burp Suite for further analysis Target – How we set the scope of our project. We can also use this to effectively create a…

Read More THM – Burp suite – Part 11
Notes

THM – File Inclusion – Part 8
Byaghanim December 30, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsIntroductionWhat is File inclusion?Why do File inclusion vulnerabilities happen?What is the risk of File inclusion?Path TraversalPath traversalWhat function causes path…

Read More THM – File Inclusion – Part 8
Notes

THM – Intro to pentesting – Fundamentals – Part 1
Byaghanim December 22, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsPenetration testing ethicsRules of Engagement (ROE)Penetration Testing MethodoligiesOSSTMMOWASPNIST Cybersecurity Framework 1.1NCSC CAFBlack box, White box, Grey box penetration testingBlack-Box testingGrey-box…

Read More THM – Intro to pentesting – Fundamentals – Part 1
Notes

TryHackMe – Network Fundementals – Part 1
Byaghanim April 4, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsForewordsIntroduction NetworkingThe OSI Model: OverviewEncapsulationTCP/IP Forewords In this blog series I will write down my notes from the courses I take from TryHackMe. This series is from the Complete beginner course where I will go through Network security, Web App security, different tools I use…

Read More TryHackMe – Network Fundementals – Part 1
Notes

THM – Linux Privilege Escalation – Part 15
Byaghanim January 2, 2022September 28, 2022

Last Updated on September 28, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsLinux Privilege escalation checklistEnumerationhostnameuname -a/proc/version/etc/issueps Commandenvsudo -llsId/etc/passwdhistoryifconfignetstatfind CommandFind files:General Linux CommandsAutomated Enumeration ToolsPrivilege Escalation: Kernel ExploitsHint/notes Privilege Escalation: SudoLeverage LD_PRELOADPrivilege Escalation:…

Read More THM – Linux Privilege Escalation – Part 15

Similar Posts