OSCP Guide 03/12 - Web

Подписаться 8 тыс.

Просмотров 4,1 тыс.

50% 1

In this video I continue my OSCP guide series in which I will share the knowledge I've obtained regarding OSCP, the PEN-200 course, and in general to help you prepare for your OSCP certification.
-------------------------
TIMESTAMP:
00:00 Introduction
01:40 OSCP Web content
04:55 SQL Injection
05:55 Directory Traversal
09:15 Local File Inclusion (LFI)
11:39 Remote File Inclusion (RFI)
13:15 File upload vulnerabilities
16:10 OS command injection
19:15 Cross-Site Scripting (XSS)
21:15 Auto-exploitation tools are not allowed
24:25 Cheatsheet - General enumeration
28:50 Cheatsheet - Brute forcing
31:10 Cheatsheet - HTTP enumeration
36:25 Cheatsheet - SMB enumeration
38:40 Cheatsheet - SNMP enumeration
42:37 Conclusion
-------------------------
RESOURCES:
- PEN-200 Course: www.offsec.com/courses/pen-200/
- Cheatsheet link: github.com/LeonardoE95/OSCP
- OSCP Guide blog post: blog.leonardotamiano.xyz/tech...
-------------------------
CONTACTS
- Technical blog: blog.leonardotamiano.xyz/
- Support my work: www.paypal.com/donate/?hosted...

Опубликовано:

3 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 20

@kbhushan12 15 дней назад

Great stuff mate. Thanks.

@user-qp8pg7wl2e 5 месяцев назад

Great stuff!! I have been through the OSCP course materials. Due to circumstances I had to interrupt my study for 3 months and am now using your material to refresh and condense the knowledge I gained from the course materials. This is proving very useful for picking up where I left off. Thank you for the hard and very systematic work!

@AlexSec 6 месяцев назад

Amazing stuff my friend!

@RootForce 8 месяцев назад

Thank you for everything you are putting out!!

@hexdump1337 8 месяцев назад

thank you for appreciating it!

@mariuscristianmircescu5646 8 месяцев назад

Great job with the CheatSheet. Thank you for your work

@hexdump1337 7 месяцев назад

Thank you

@simonnjugunamutua7923 5 месяцев назад

Thanks for the great work

@benny3158 7 месяцев назад

Great stuff!

@hexdump1337 7 месяцев назад

thanks

@martinlastname8548 7 месяцев назад

Thanks so much

@hexdump1337 7 месяцев назад

Thank you!

@RootForce 8 месяцев назад

I’m having a little trouble understanding out to fix exploits, you have any tips by chance? Thank you in advance

@hexdump1337 8 месяцев назад

preparing a video about that

@RootForce 8 месяцев назад

@@hexdump1337 you are the man!! Thank you!

@yoshi5113 Месяц назад

Hi, what kind of Notes you used? Its so awesome.❤

@hexdump1337 Месяц назад

You mean the software I use to take notes? Its Emacs! I made a video about it and u can find a lot more content in the web.

@yoshi5113 Месяц назад

@@hexdump1337 any emacs tutorial ? I wanna used it too for taking notes.

@aniketchauhan9782 2 месяца назад

Sqlmap is not allowed in OSCP??

@hexdump1337 2 месяца назад

Nope. The last time I read the rules it was not allowed, because it is considered an "auto-exploitation tool", meaning that not only it finds that a certain parameter is vulnerable to an SQL injection, it also finds the correct payload. That is, it "auto-exploits" the vulnerability. Those tools are not allowed (there are some special conditions for metasploit). Only enumeration tools are allowed.