My OSCP Pentesting Cheatsheet
a day ago
- #OSCP
- #Pentesting Cheatsheet
- #Network Enumeration
- OSCP exam passed on 14.03.2025, with confirmation received three days later.
- A cheatsheet compiled from a personal knowledge base, covering network/service enumeration, password guessing, reverse shells, AD, and Windows post-exploitation.
- Tips include using .env files for environment variables, setting a $myip variable from the VPN interface, a copy alias for the clipboard, and tmux for terminal management.
- Network enumeration commands for host discovery, port scanning (TCP/UDP), and service-specific checks for FTP, SSH, Telnet, SMTP, DNS, etc.
- HTTP enumeration tools include gobuster, dirsearch, feroxbuster, wpscan, nikto, and API testing techniques.
- Active Directory and Windows post-exploitation: Mimikatz for credential dumping, Ligolo for tunneling, Kerberoasting, AS-REP roasting, and file transfer methods.
- Password guessing strategies: using product names, username variations (e.g., John Doe derivatives), and tools like cewl or CUPP.
- Reverse shell methods include base64-encoded PowerShell scripts and named pipe alternatives for reliability.
- Miscellaneous services: SMB enumeration, LDAP queries, MSSQL command execution, MySQL/PostgreSQL commands, and SNMP exploits.
- User management: adding admin users, enabling RDP/WinRM, and setting execution policies.