Notes

OSEP Checklist

Byaghanim November 9, 2023December 15, 2023

Last Updated on December 15, 2023 by aghanim

OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub

Web Application:

Unrestricted File upload (ASPX)
SQL Injection
Server Side Template Injection
RFI
LFI
Web Service
BruteForce
CVE
Phishing
Code Exec
BAD PDF

MSSQL:

Linked Servers
Priv Esc
Enable Shell
Code Exec
Relay netv2 hash

Privilege Escalation:

Windows

PowerUP
LinPeas
Creds in Config Files
SEimpersonation (PrintSpoofer,Spooler,etc)
ShadowCopy
Hivenightmare
Mimikatz
UAC
MSSQL
Listening Services
Kernel

Linux

Shared Library
Sudo
Groups
Listening Services
Ansible (Unix)
lse / Linpeas
JFROG

Lateral Movement:

LAPS
Unconstrained Delegation
Constrained Delegation
Resource Based Constrained Delegation
MSSQL Linked Servers
Pass the Ticket
Tickets in /tmp
Pass The Hash
Relay The Hash
Crack the Hash
RDP / SharpRDP
Web Application
Fileless Lateral Movement
Mimikatz
Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)
Bloodhound/SharpHound[.exe/.ps1]
JFROG
KEYTAB (Kerberos)
SSH
Ansible
SPOOLSS
Reuse of passwords (.\administrator NOT domain\administrator)
adPeas.ps1

Notes

THM – Command Injection – Part 11
Byaghanim December 30, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsWhat is Command Injection?Discovering Command InjectionExploiting Command InjectionDetecting Blind Command InjectionLinux WindowsRemediating Command InjectionVulnerable FunctionsInput sanitisationBypassing FiltersPractical: Command InjectionWhat user is…

Read More THM – Command Injection – Part 11
Notes

THM – Cross-site scripting (XSS) – Part 10
Byaghanim December 30, 2021March 24, 2023

Last Updated on March 24, 2023 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsXSS PayloadsWhat is a payload?Proof of ConceptSession StealingKey LoggerExampleBusiness LogicReflected XSSExample ScenarioPotential ImpactHow to test for Reflected XSSStored XSSExample ScenarioHow…

Read More THM – Cross-site scripting (XSS) – Part 10
Notes

THM – Upload Vulnerabilities – Part 13
Byaghanim September 26, 2021March 24, 2022

Last Updated on March 24, 2022 by aghanim This is a continued series where I document my path through different tryhackme courses. I recommend everyone that wants to learn cyber security to subscribe to tryhackme.com and take the courses there. Table Of ContentsIntroductionMethodology – EnumerationOverwriting Existing FilesRemote Code ExecutionFilteringClient-side filteringServer-side filteringExtension ValidationFile Type FilteringFile Length…

Read More THM – Upload Vulnerabilities – Part 13
Notes

THM – Authentication Bypass – Part 6
Byaghanim December 22, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim This is my notes from the Junior Pentesting course at TryHackMe. This course takes you through the basics and some advanced topics regarding penetration testing. Table Of ContentsUsername EnumerationBrute ForceLogical FlawWhat is a Logical Flaw?Logical Flaw ExampleLogic Flaw PracticalCookie TamperingPlain TextHashingEncoding Username Enumeration A helpful exercise to…

Read More THM – Authentication Bypass – Part 6
Notes

THM – Network Services – FTP – Part 4
Byaghanim April 4, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding FTP Enumerating FTP Exploiting FTP Understanding FTP What is FTP? File transfer protocol is a protocol used to allow remote transfer of files over a network. It uses a client-server model to do this. It relays command and data in a very efficient way. How does FTP work? A typical FTP session operates using two channels: A command channel A data channel The command channel is used for transmitting commands as well as replies to those commands, while the data channel is used for transferring data. …

Read More THM – Network Services – FTP – Part 4
Notes

THM – Network Services – MySQL – Part 8
Byaghanim April 4, 2021January 25, 2022

Last Updated on January 25, 2022 by aghanim Table Of ContentsUnderstanding MySQL Enumerating MySQL Exploit MySQL Understanding MySQL What is MySQL? In its simplest definition, MySQL is a relational database management system (RDBMS) based on Structured Query Language (SQL). Database: A database is simply a persistent, organized collection of structured data. RDBMS: A software or service used to create and manage databases based on…

Read More THM – Network Services – MySQL – Part 8

Similar Posts