GitHub Repository: XCHADXFAQ77X/HACKING-BOOKS-X
Path: blob/master/5-part-100-article/Good reviews of CT-OSCE .txt
Good reviews of CTP/OSCE (in no particular order):
Note: * mark means look for other posts on this blog
https://www.jollyfrogs.com
* http://www.securitysift.com/offsec-ctp-osce/
* http://buffered.io/posts/osce-and-me/
http://www.iodigitalsec.com/offensive-security-ctp-course-and-osce-certification-review/
* http://ethicalhacker.io/post/137403906740/osce-exam-prep
https://blog.g0tmi1k.com/2013/08/cracking-perimeter-ctp-offensive/
* https://infamoussyn.com/resources/
http://www.vividmachines.com/shellcode/shellcode.html
http://www.primalsecurity.net/course-review-osce/
* http://netsec.ws/?p=517
http://tekwizz123.blogspot.sg/2014/09/osce-review-and-experience.html
https://networkfilter.blogspot.sg/2016/01/my-osce-review.html
https://www.blogtecnico.net/certificacion-osce-review-cracking-the-perimeter-ctp/
******* https://github.com/reider-roque
http://shell-storm.org/shellcode/

Tutorial sites (more stars = better/recommended):
https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
http://www.0daysecurity.com/pentest.html
http://ly0n.me/2015/10/19/lfi-beyond-procselfenviron/
******************** http://phrack.org/issues/62/7.html
*************************** http://0xdabbad00.com/2012/12/09/hurdles-for-a-beginner-to-exploit-a-simple-vulnerability-on-modern-windows/
********************** https://community.rapid7.com/community/metasploit/blog/2012/07/05/part-1-metasploit-module-development--the-series
***** http://resources.infosecinstitute.com/intro-to-fuzzing/
******* https://madmantm.wordpress.com/
https://www.fuzzysecurity.com/tutorials.html
https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
http://netsec.ws/?p=180
http://netsec.ws/?p=430
http://netsec.ws/?cat=57
************************ http://blog.stalkr.net/2011/04/pctf-2011-22-hashcalc1.html
https://ionize.com.au/its-all-about-inclusion/
https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/
https://www.idontplaydarts.com/2011/03/php-remote-file-inclusion-command-shell-using-data-stream/
https://www.idontplaydarts.com/2011/02/using-php-filter-for-local-file-inclusion/
https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
http://carnal0wnage.attackresearch.com/
** https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
https://www.kernel-exploits.com/
http://www.thegreycorner.com/2010/01/seh-stack-based-windows-buffer-overflow.html
http://www.thegreycorner.com/2010/02/windows-buffer-overflow-tutorial.html
http://www.thegreycorner.com/2010/01/beginning-stack-based-buffer-overflow.html
https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/
https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
https://www.corelan.be/index.php/2010/03/27/quickzip-stack-bof-0day-a-box-of-chocolates/
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
https://www.corelan.be/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/
https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/
https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/
https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
***** https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
https://github.com/sploitfun/lsploits
http://blog.pusheax.com/2013/03/exploit-writing-stack-based-buffer.html
http://www.keystone-engine.org/docs/tutorial.html
http://resources.infosecinstitute.com/analysis-of-malware-samples/
http://www.fuzzysecurity.com/tutorials/7.html
***** https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/
** http://phrack.org/issues/67/13.html
http://www.securepla.net/
***** http://programming4.us/security/688.aspx
http://resources.infosecinstitute.com/buffer-overflow-vulnserver/
***** http://www.primalsecurity.net/0x8-exploit-tutorial-the-elusive-egghunter/
********** https://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-day/
*********************** http://www.flinkd.org/2011/07/fuzzing-with-peach-part-1/
************ http://realpentesting.blogspot.sg/2013/04/0day-bug-hunting-realpentesting.html
******** https://samsclass.info/127/proj/vuln-server.htm
**************** http://www.rockfishsec.com/2014/01/fuzzing-vulnserver-with-peach-3.html
********************* http://www.thegreycorner.com/p/vulnserver.html
*********** http://resources.infosecinstitute.com/seh-exploit/
***************** https://www.offensive-security.com/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/

Cheatsheets:
https://highon.coffee/blog/lfi-cheat-sheet/
http://ethicalhacker.io/post/137403906740/osce-exam-prep
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
http://htmlpurifier.org/live/smoketests/xssAttacks.php
https://www.bnxnet.com/wp-content/uploads/2015/01/WinAPIs_for_hackers.pdf
http://www.securepla.net/wiki/index.php?title=Cheat_Sheets
http://www.securepla.net/wiki/index.php?title=Network_Attack_Cheat_Sheet
https://www.securepla.net/wiki/index.php?title=Web_App_Cheat_Sheet
http://www.securepla.net/wiki/index.php?title=Web_Scanning_Cheat_Sheet
http://www.securepla.net/wiki/index.php?title=Malware_Cheat_Sheet
http://sparksandflames.com/files/x86InstructionChart.html

Good practice sites:
http://www.primalsecurity.net/tutorials/exploit-tutorials/
http://www.securitysift.com/windows-exploit-development-part-6-seh-exploits/
https://v00d00sec.com/2015/09/14/manually-backdooring-windows-executables/
https://www.corelan.be/index.php/articles/
http://fuzzysecurity.com/tutorials.html
http://exploit-exercises.com/protostar
http://exploit-exercises.com/fusion
http://ihazomgsecurityskillz.blogspot.com/
http://opensecuritytraining.info/Training.html
https://trailofbits.github.io/ctf/index.html
http://tuts4you.com/download.php?list.17
http://tuts4you.com/download.php?list.29
http://tuts4you.com/download.php?list.3
http://www.openrce.org/downloads/
http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/index.html
http://tuts4you.com/download.php?list.67
http://www.binary-auditing.com/
https://blog.g0tmi1k.com/dvwa/index/
http://www.vividmachines.com/shellcode/shellcode.html
https://www.exploit-db.com/exploits/17527/
https://www.exploit-db.com/exploits/11834/
https://www.exploit-db.com/exploits/11872/
https://www.exploit-db.com/exploits/11764/
https://www.exploit-db.com/exploits/11656/
https://www.exploit-db.com/exploits/33453/
https://github.com/WebGoat/WebGoat
http://www.gironsec.com/blog/2016/06/backdooring-a-dll/
http://blog.knapsy.com/blog/2015/11/25/easy-file-sharing-web-server-v7-dot-2-remote-seh-buffer-overflow-dep-bypass-with-rop/
https://www.offensive-security.com/0day/quick-tftp-poc.py.txt
https://www.exploit-db.com/author/?a=278
**** https://samsclass.info/127/proj/p4-lbuf-shell.htm
**** http://www.securitysift.com/windows-exploit-development-part-1-basics/
******* https://securitycafe.ro/2015/10/30/introduction-to-windows-shellcode-development-part1/
******* https://securitycafe.ro/2015/12/14/introduction-to-windows-shellcode-development-part-2/
************* http://www.vividmachines.com/shellcode/shellcode.html

Vulnerable machines:
vulnhub VMs:
SickOS 1.1
SickOS 1.2
Droopy v0.2
Kevgir
Pegasus
SecTalks: BNE0x00 - Minotaur
SecTalks: BNE0x03 - Simple
NullByte: 1
FristiLeaks 1.3
OWASP Vulnerable Web Applications Directory Project
Mutillidae
Damn Vulnerable Web Application

LFI/RFI
https://penetrate.io/2014/01/10/from-rfi-to-shell/

Backdooring files with Python:
https://github.com/secretsquirrel/the-backdoor-factory

eBooks downloads:
http://www.ebook777.com/gray-hat-hacking-ethical-hackers-handbook-fourth-edition/
https://github.com/JpGallegos/CySecBooks
https://www.securepla.net/the-hacker-playbook-2/
"Hacking: The Art of Exploitation"

https://www.linkedin.com/pulse/osce-cracking-perimeter-experience-sunny-neo
- Fuzzing (Scapy, TAO, Sulley)
- Linux Exploitation (vanilla stack overflow, return to Glibc - NX bypass, repairing stack canaries, ASLR bypasses) and Windows exploitation (SEH overwrite, Return Oriented Programming into disabling DEP)
- Web Application Hacker's Handbook (might be too large: Consider "webgoat")

Various sites:
http://www.sweetscape.com/ (010 Editor)
https://github.com/campagnola/pycca
https://github.com/Gallopsled/pwntools
https://github.com/reyammer/shellnoob
https://zeltser.com/convert-shellcode-to-assembly/
http://files.cnblogs.com/files/exclm/ollydbg_cmdline_cheat_sheet.pdf
http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html
https://www.digitalocean.com/community/tutorials/how-to-use-bash-history-commands-and-expansions-on-a-linux-vps
https://github.com/peterferrie/win-exec-calc-shellcode
http://www.secniu.com/why-my-shellcode-cannot-work/
http://thestarman.pcministry.com/asm/2bytejumps.htm
http://blog.noobroot.com/
https://www.exploit-db.com/exploits/5342/
http://exploit.co.il/hacking/manual-egghuntershellcode-encoding/
https://github.com/salcho/codetz
http://xangosec.blogspot.sg/2014/08/automating-sub-encoder.html
http://www.fuzzing.org/
http://resources.infosecinstitute.com/pattern-based-approach-memory-shellcodes-detection/
https://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/
https://0x41.no/hacking-networks-with-snmp/
http://danielebellavista.blogspot.sg/2014/10/ia32-shellcodes-get-eip-value.html
http://www.thepentesters.net/tutorials/tricks-escaping-linux-restricted-shells/
http://codemachine.com/downloads.html

Fun random stuff:
http://patriciopalladino.com/files/hieroglyphy/
http://n01g3l.tumblr.com/
https://twitter.com/ch3rn0byl/status/832681279900487680