https://book.ghanim.no/index.php?action=history&feed=atom&title=Offensive_Security%2FOSEP_Checklist
Offensive Security/OSEP Checklist - Revision history
2026-04-21T13:25:31Z
Revision history for this page on the wiki
MediaWiki 1.45.1
https://book.ghanim.no/index.php?title=Offensive_Security/OSEP_Checklist&diff=1209&oldid=prev
imported>Aghanim at 14:23, 9 November 2023
2023-11-09T14:23:31Z
<p></p>
<p><b>New page</b></p><div>[https://github.com/In3x0rabl3/OSEP/blob/main/osep_checklistv2.md OSEP/osep_checklistv2.md at main · In3x0rabl3/OSEP · GitHub]<br />
<br />
<br />
'''Web Application:'''<br />
<br />
<br />
* Unrestricted File upload (ASPX)<br />
<br />
<br />
* SQL Injection<br />
<br />
<br />
* Server Side Template Injection<br />
<br />
<br />
* RFI<br />
<br />
<br />
* LFI<br />
<br />
<br />
* Web Service<br />
<br />
<br />
* BruteForce<br />
<br />
<br />
* CVE<br />
<br />
<br />
* Phishing<br />
<br />
<br />
* Code Exec<br />
<br />
<br />
* BAD PDF<br />
<br />
<br />
'''MSSQL:'''<br />
<br />
<br />
* Linked Servers<br />
<br />
<br />
* Priv Esc<br />
<br />
<br />
* Enable Shell<br />
<br />
<br />
* Code Exec<br />
<br />
<br />
* Relay netv2 hash<br />
<br />
<br />
'''Privilege Escalation:'''<br />
<br />
<br />
'''Windows'''<br />
<br />
<br />
* PowerUP<br />
<br />
<br />
* LinPeas<br />
<br />
<br />
* Creds in Config Files<br />
<br />
<br />
* SEimpersonation (PrintSpoofer,Spooler,etc)<br />
<br />
<br />
* ShadowCopy<br />
<br />
<br />
* Hivenightmare<br />
<br />
<br />
* Mimikatz<br />
<br />
<br />
* UAC<br />
<br />
<br />
* MSSQL<br />
<br />
<br />
* Listening Services<br />
<br />
<br />
* Kernel<br />
<br />
<br />
'''Linux'''<br />
<br />
<br />
* Shared Library<br />
<br />
<br />
* Sudo<br />
<br />
<br />
* Groups<br />
<br />
<br />
* Listening Services<br />
<br />
<br />
* Ansible (Unix)<br />
<br />
<br />
* lse / Linpeas<br />
<br />
<br />
* JFROG<br />
<br />
<br />
'''Lateral Movement:'''<br />
<br />
<br />
* LAPS<br />
<br />
<br />
* Unconstrained Delegation<br />
<br />
<br />
* Constrained Delegation<br />
<br />
<br />
* Resource Based Constrained Delegation<br />
<br />
<br />
* MSSQL Linked Servers<br />
<br />
<br />
* Pass the Ticket<br />
<br />
<br />
* Tickets in /tmp<br />
<br />
<br />
* Pass The Hash<br />
<br />
<br />
* Relay The Hash<br />
<br />
<br />
* Crack the Hash<br />
<br />
<br />
* RDP / SharpRDP<br />
<br />
<br />
* Web Application<br />
<br />
<br />
* Fileless Lateral Movement<br />
<br />
<br />
* Mimikatz<br />
<br />
<br />
* Ligolo-ng/chisel/Proxychains / Autoroute / SSH (Port Fowarding)<br />
<br />
<br />
* Bloodhound/SharpHound[.exe/.ps1]<br />
<br />
<br />
* JFROG<br />
<br />
<br />
* KEYTAB (Kerberos)<br />
<br />
<br />
* SSH<br />
<br />
<br />
* Ansible<br />
<br />
<br />
* SPOOLSS<br />
<br />
<br />
* Reuse of passwords (.\administrator NOT domain\administrator)<br />
<br />
<br />
* adPeas.ps1<br />
<br />
[[Category:Offensive Security]]</div>
imported>Aghanim