Diferencias

Muestra las diferencias entre dos versiones de la página.

--- enlaces:seguridad:certificaciones:oscp [2018/12/17 15:28] – cayu
+++ enlaces:seguridad:certificaciones:oscp [Fecha desconocida] (actual) – borrado - editor externo (Fecha desconocida) 127.0.0.1
@@ Línea 1: / Línea 1: @@
-====== Profesional certificado en seguridad ofensiva (OSCP) ======
-Profesional certificado en seguridad ofensiva (**OSCP**) es una certificación de ethical hacking ofrecida por Offensive Security que enseña metodologías de exámenes de penetración y utilizan herramientas incluyendo el examen de pentración BackTrack (ahora realizado con éxito con la distribución Kali Linux)12 La certificación OSCP consiste en un examen práctico que requiere atacar y penetrar de manera satisfactoria varias maquinas en un ambiente seguro controlado.3 Actualmente, es una de las pocas certificaciones que requiere evidencia de las habilidades en la parte práctica que consiste en una prueba de penetración.
-===== Referencias para prepararse =====
-  * shi_ver_bot : A Telegram bot to see if your password was in the BreachCompilation
-beef project
-sitio de boca
-buscar
-alert(document.cookie)</script>
-https://www.netcraft.com/
-https://www.seleniumhq.org/
-https://panopticlick.eff.org/
-https://beefproject.com/
-dig @200.111.157.67 unap.cl -t AXFR
-https://www.acunetix.com/
-https://github.com/1N3/Sn1per
-portnocking
-https://blog.wpscans.com/sniff-wordpress-login-credentials-wireshark-http-connection/
-https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
-https://kali.training/lessons/introduction/
-https://kali.training/topic/introduction-to-kali-linux/
-https://www.offensive-security.com/information-security-certifications/oswe-offensive-security-web-expert/
-https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
-https://www.offensive-security.com/information-security-training/penetration-testing-training-kali-linux/
-https://smarterworkspaces.kyocera.es/blog/certificacion-seguridad-informatica-cuales-las-principales/
-(ip.addr == 10.168.40.145) and (!udp contains "HTTP/1.1")
-https://tools.kali.org/information-gathering/nmap
-ip.src == 192.168.0.99 && tcp.flags.syn==1 && tcp.flags.ack==1
-https://3.14.by/en/md5
-https://github.com/alearea51/IKn0wU
-https://github.com/TunisianEagles/SocialBox
-https://github.com/gentilkiwi/mimikatz
-https://github.com/AlessandroZ/LaZagne
-https://github.com/reconSF/python/blob/master/Syngress.Violent.Python.a.Cookbook.for.Hackers.2013.pdf
-https://github.com/vk496/linset
-https://foro.seguridadwireless.net/manuales-de-wifislax-wifiway/manual-basico-de-wifislax-y-sus-herramientas-de-auditoria/
-https://github.com/WifiPhisher
-https://github.com/xtr4nge/FruityWifi
-scapy
->>> a = ARP(op="who-has", psrc="192.168.168.2", pdst="192.168.168.131", hwdst="fe80::4067:2e3f:d06:61bd")
->>> send(a, inter=3, loop=1)
-a = ARP(op="who-has", psrc="10.168.40.1", pdst="10.168.40.70", hwdst="fe80::4067:2e3f:d06:61bd")
-.168.40.1
-ip a falsear		ip victima 	mac victima
-a = ARP(op="who-has", psrc="10.168.40.1", pdst="10.168.40.70", hwdst="08:00:27:52:2D:A0")
->>> send(a, inter=3, loop=1)
-ettercap
-<code>
-ettercap -T -q -i eth0 -P dns_spoof -M arp /10.168.40.145///
-</code>
-tcpdump -n -i wlan0 -e 'arp or icmp'
-arping -c 1 -I wlan0 10.168.40.1
-ARPING 10.168.40.1
-bytes from 08:00:27:7e:b5:f7 (10.168.40.1): index=0 time=1.363 msec
-bytes from 00:17:c5:15:81:6a (10.168.40.1): index=1 time=2.670 msec
---- 10.168.40.1 statistics ---
-https://sandilands.info/sgordon/arp-spoofing-on-wired-lan
-mitmproxy
-arpspoof -i eth0 -t 10.168.40.70 10.168.40.1
-iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
- iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080
-mitmproxy --mode transparent
-----
-bettercap -T ipvictima --proxy -P
-https://github.com/byt3bl33d3r/MITMf
-https://backtrackacademy.com/articulo/saltando-hsts-con-man-in-the-middle-framework
-http://www.elladodelmal.com/2016/03/ataques-man-in-middle-hsts-sslstrip-2.html
-https://www.trustwave.com/Resources/SpiderLabs-Blog/Changes-in-Oracle-Database-12c-password-hashes/
-w2af
-http://exploitpack.com/
----------
-WIFI
-https://github.com/xtr4nge/FruityC2
------
-android
-https://github.com/M4sc3r4n0/Evil-Droid
-extra
-https://github.com/nixawk/pentest-wiki
-https://geekflare.com/online-scan-website-security-vulnerabilities/
-otra
-https://es.scribd.com/document/13213787/CUH-E-zine-4%C2%AA-Edicion
-https://www.aircrack-ng.org/doku.php?id=es:aireplay-ng
-https://www.aircrack-ng.org/doku.php?id=es:deauthentication
-https://www.offensive-security.com/metasploit-unleashed/
-https://blog.segu-info.com.ar/2018/09/examen-de-prueba-para-estudiantes-del.html
-https://www.alienvault.com/blogs/security-essentials/how-to-prepare-to-take-the-oscp
-OSCP
-https://www.sniferl4bs.com/2015/11/entrenando-en-casa-para-rendir-el-oscp.html
-https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440
-https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-2-workflow-and-documentation-tips-9dd335204a48
-https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-3-practical-hacking-tips-and-tricks-c38486f5fc97
-https://support.offensive-security.com/#!pwk-support.md
-https://support.offensive-security.com/#!oscp-exam-guide.md
-https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf
-https://www.securitysift.com/offsec-pwb-oscp/
-https://www.adampalmer.me/iodigitalsec/2013/04/11/offensive-security-pwb-course-and-oscp-certification-review/
-https://vcatalan.com/2017/01/OSCP-part-I-preparacion-estudio-previo.html
-https://mytcpip.com/2017/08/10/taller-de-hacking-i-nmap-a-fondo-metasploit-basico/
-https://null-byte.wonderhowto.com/forum/upload-shell-from-phpmyadmin-xampp-by-mohamed-ahmed-0179931/
-https://www.exam-labs.com/exam/NSE4#tutorial
-https://www.ihacklabs.com/es/el-mejor-sistema-de-pivoting-en-linux/
-https://wiki.wireshark.org/SampleCaptures
-https://www.ubuntupit.com/an-ultimate-list-of-ethical-hacking-and-penetration-testing-tools-for-kali-linux/?fbclid=IwAR2szRvngTnDw8X7sETTlDH7letMnJriTBNSWYe_P4t49VVScqdxS2gWhV8
-https://openwall.info/wiki/
-https://github.com/ibr2/pwk-cheatsheet
-https://www.keiththome.com/oscp-course-review/
-http://fl3x.us/blog/2015/09/22/order-wireless-devices-for-wifu-course/
-https://amonsec.net/course/offensive-security-pwk-course-review
-https://blog.g0tmi1k.com/2013/08/cracking-perimeter-ctp-offensive/
-https://www.ihacklabs.com/es/certificacion-osce-review-cracking-the-perimeter-ctp/
-http://www.vividmachines.com/shellcode/shellcode.html
-https://www.securitysift.com/offsec-ctp-osce/
-https://hackforums.net/member.php
-cayuqueo@gmail.com
-EBM1JUD1yq57pmgUAiqHQ
-http://nixware.net/my-osce-journey
-http://www.cs.virginia.edu/~evans/cs216/guides/x86.html
-https://www.pentesteracademy.com/topics
-https://openwall.info/wiki/p_lkrg/Main
-https://github.com/tanc7/hacking-books
-https://github.com/tanc7
-https://infosecuritygeek.com/vulnhub-kioptrix-2014/
-http://www.securitysift.com/offsec-pwb-oscp/
-https://xapax.gitbooks.io/security/content/
-https://medium.com/@bondo.mike/ptp-lab-privilege-escalation-with-services-5d14a99a28d1
-https://github.com/xapax/oscp
-https://medium.com/@m4lv0id/and-i-did-oscp-589babbfea19
-Cupp para crear diccionarios
-git clone https://github.com/Mebus/cupp.git
-Generar ataques de Bruteforce a redes sociales
-git clone https://github.com/TunisianEagles/SocialBox.git
-Dump de passwords (Volcado de memoria)
-https://github.com/AlessandroZ/LaZagne
-Cracking WPA/WPA2 con phishing
-https://github.com/vk496/linset
-https://github.com/wifiphisher/wifiphisher
-instabridge
---mode transparent
-mitm.it/cert/p12
-bettercap -T [ip_victima] --proxy -P
-Evil-Droid
-git clone https://github.com/M4sc3r4n0/Evil-Droid.git
-https://www.giuspen.com/cherrytree/
-https://github.com/mikaelkall/HackingAllTheThings
-https://www.vortex.id.au/2017/05/oscp-exam-preparation-exam-day-report-day/
-https://github.com/P3t3rp4rk3r/OSCP-cheat-sheet-1
-https://github.com/so87/OSCP-PwK
-https://medium.com/@chennylmf/hackthebox-lame-c28b19558cb0
-https://github.com/OlivierLaflamme/Cheatsheet-God
-https://medium.com/@cymtrick/oscp-cheat-sheet-5b8aeae085ad
-https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
-https://medium.com/@chennylmf/hackthebox-walkthrough-tartarsauce-810a8df296c1
-https://www.giuspen.com/cherrytree/
-http://www.fuzzysecurity.com/tutorials/16.html
-Good reviews of CTP/OSCE (in no particular order):
-Note: * mark means look for other posts on this blog
-  * https://www.jollyfrogs.com
-  * http://www.securitysift.com/offsec-ctp-osce/
-  * http://buffered.io/posts/osce-and-me/
-  * http://www.iodigitalsec.com/offensive-security-ctp-course-and-osce-certification-review/
-  * http://ethicalhacker.io/post/137403906740/osce-exam-prep
-  * https://blog.g0tmi1k.com/2013/08/cracking-perimeter-ctp-offensive/
-  * https://infamoussyn.com/resources/
-  * http://www.vividmachines.com/shellcode/shellcode.html
-  * http://www.primalsecurity.net/course-review-osce/
-  * http://netsec.ws/?p=517
-  * http://tekwizz123.blogspot.sg/2014/09/osce-review-and-experience.html
-  * https://networkfilter.blogspot.sg/2016/01/my-osce-review.html
-  * https://www.blogtecnico.net/certificacion-osce-review-cracking-the-perimeter-ctp/
-  * https://github.com/reider-roque
-  * http://shell-storm.org/shellcode/
-Tutorial sites (more stars = better/recommended):
-  * https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/
-  * http://www.0daysecurity.com/pentest.html
-  * http://ly0n.me/2015/10/19/lfi-beyond-procselfenviron/
-  * http://phrack.org/issues/62/7.html
-  * http://0xdabbad00.com/2012/12/09/hurdles-for-a-beginner-to-exploit-a-simple-vulnerability-on-modern-windows/
-  * https://community.rapid7.com/community/metasploit/blog/2012/07/05/part-1-metasploit-module-development--the-series
-  * http://resources.infosecinstitute.com/intro-to-fuzzing/
-  * https://madmantm.wordpress.com/
-  * https://www.fuzzysecurity.com/tutorials.html
-  * https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
-  * http://netsec.ws/?p=180
-  * http://netsec.ws/?p=430
-  * http://netsec.ws/?cat=57
-  * http://blog.stalkr.net/2011/04/pctf-2011-22-hashcalc1.html
-  * https://ionize.com.au/its-all-about-inclusion/
-  * https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/
-  * https://www.idontplaydarts.com/2011/03/php-remote-file-inclusion-command-shell-using-data-stream/
-  * https://www.idontplaydarts.com/2011/02/using-php-filter-for-local-file-inclusion/
-  * https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
-  * https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
-  * http://carnal0wnage.attackresearch.com/
-  * https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
-  * https://www.kernel-exploits.com/
-  * http://www.thegreycorner.com/2010/01/seh-stack-based-windows-buffer-overflow.html
-  * http://www.thegreycorner.com/2010/02/windows-buffer-overflow-tutorial.html
-  * http://www.thegreycorner.com/2010/01/beginning-stack-based-buffer-overflow.html
-  * https://www.corelan.be/index.php/2011/07/03/universal-depaslr-bypass-with-msvcr71-dll-and-mona-py/
-  * https://www.corelan.be/index.php/2010/03/27/exploiting-ken-ward-zipper-taking-advantage-of-payload-conversion/
-  * https://www.corelan.be/index.php/2010/03/27/quickzip-stack-bof-0day-a-box-of-chocolates/
-  * https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
-  * https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
-  * https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
-  * https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
-  * https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
-  * https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
-  * https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
-  * https://www.corelan.be/index.php/2009/11/06/exploit-writing-tutorial-part-7-unicode-from-0x00410041-to-calc/
-  * https://www.corelan.be/index.php/2010/01/09/exploit-writing-tutorial-part-8-win32-egg-hunting/
-  * https://www.corelan.be/index.php/2010/01/26/starting-to-write-immunity-debugger-pycommands-my-cheatsheet/
-  * https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
-  * https://websec.wordpress.com/2010/02/22/exploiting-php-file-inclusion-overview/
-  * https://sites.google.com/site/xssvulnerabilities/bypassing-browser-anti-xss-filters
-  * https://sploitfun.wordpress.com/2015/06/26/linux-x86-exploit-development-tutorial-series/
-  * https://github.com/sploitfun/lsploits
-  * http://blog.pusheax.com/2013/03/exploit-writing-stack-based-buffer.html
-  * http://www.keystone-engine.org/docs/tutorial.html
-  * http://resources.infosecinstitute.com/analysis-of-malware-samples/
-  * http://www.fuzzysecurity.com/tutorials/7.html
-  * https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2016/june/writing-exploits-for-win32-systems-from-scratch/
-  * http://phrack.org/issues/67/13.html
-  * http://www.securepla.net/
-  * http://programming4.us/security/688.aspx
-  * http://resources.infosecinstitute.com/buffer-overflow-vulnserver/
-  * http://www.primalsecurity.net/0x8-exploit-tutorial-the-elusive-egghunter/
-  * https://blog.techorganic.com/2014/05/14/from-fuzzing-to-0-day/
-  * http://www.flinkd.org/2011/07/fuzzing-with-peach-part-1/
-  * http://realpentesting.blogspot.sg/2013/04/0day-bug-hunting-realpentesting.html
-  * https://samsclass.info/127/proj/vuln-server.htm
-  * http://www.rockfishsec.com/2014/01/fuzzing-vulnserver-with-peach-3.html
-  * http://www.thegreycorner.com/p/vulnserver.html
-  * http://resources.infosecinstitute.com/seh-exploit/
-  * https://www.offensive-security.com/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/
-Cheatsheets:
-  * https://highon.coffee/blog/lfi-cheat-sheet/
-  * http://ethicalhacker.io/post/137403906740/osce-exam-prep
-  * https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
-  * http://htmlpurifier.org/live/smoketests/xssAttacks.php
-  * https://www.bnxnet.com/wp-content/uploads/2015/01/WinAPIs_for_hackers.pdf
-  * http://www.securepla.net/wiki/index.php?title=Cheat_Sheets
-  * http://www.securepla.net/wiki/index.php?title=Network_Attack_Cheat_Sheet
-  * https://www.securepla.net/wiki/index.php?title=Web_App_Cheat_Sheet
-  * http://www.securepla.net/wiki/index.php?title=Web_Scanning_Cheat_Sheet
-  * http://www.securepla.net/wiki/index.php?title=Malware_Cheat_Sheet
-  * http://sparksandflames.com/files/x86InstructionChart.html
-Good practice sites:
-  * http://www.primalsecurity.net/tutorials/exploit-tutorials/
-  * http://www.securitysift.com/windows-exploit-development-part-6-seh-exploits/
-  * https://v00d00sec.com/2015/09/14/manually-backdooring-windows-executables/
-  * https://www.corelan.be/index.php/articles/
-  * http://fuzzysecurity.com/tutorials.html
-  * http://exploit-exercises.com/protostar
-  * http://exploit-exercises.com/fusion
-  * http://ihazomgsecurityskillz.blogspot.com/
-  * http://opensecuritytraining.info/Training.html
-  * https://trailofbits.github.io/ctf/index.html
-  * http://tuts4you.com/download.php?list.17
-  * http://tuts4you.com/download.php?list.29
-  * http://tuts4you.com/download.php?list.3
-  * http://www.openrce.org/downloads/
-  * http://www.securitytube-training.com/online-courses/securitytube-linux-assembly-expert/index.html
-  * http://tuts4you.com/download.php?list.67
-  * http://www.binary-auditing.com/
-  * https://blog.g0tmi1k.com/dvwa/index/
-  * http://www.vividmachines.com/shellcode/shellcode.html
-  * https://www.exploit-db.com/exploits/17527/
-  * https://www.exploit-db.com/exploits/11834/
-  * https://www.exploit-db.com/exploits/11872/
-  * https://www.exploit-db.com/exploits/11764/
-  * https://www.exploit-db.com/exploits/11656/
-  * https://www.exploit-db.com/exploits/33453/
-  * https://github.com/WebGoat/WebGoat
-  * http://www.gironsec.com/blog/2016/06/backdooring-a-dll/
-  * http://blog.knapsy.com/blog/2015/11/25/easy-file-sharing-web-server-v7-dot-2-remote-seh-buffer-overflow-dep-bypass-with-rop/
-  * https://www.offensive-security.com/0day/quick-tftp-poc.py.txt
-  * https://www.exploit-db.com/author/?a=278
-  * https://samsclass.info/127/proj/p4-lbuf-shell.htm
-  * http://www.securitysift.com/windows-exploit-development-part-1-basics/
-  * https://securitycafe.ro/2015/10/30/introduction-to-windows-shellcode-development-part1/
-  * https://securitycafe.ro/2015/12/14/introduction-to-windows-shellcode-development-part-2/
-  * http://www.vividmachines.com/shellcode/shellcode.html
-Vulnerable machines:
-vulnhub VMs:
-SickOS 1.1
-SickOS 1.2
-Droopy v0.2
-Kevgir
-Pegasus
-SecTalks: BNE0x00 - Minotaur
-SecTalks: BNE0x03 - Simple
-NullByte: 1
-FristiLeaks 1.3
-OWASP Vulnerable Web Applications Directory Project
-Mutillidae
-Damn Vulnerable Web Application
-LFI/RFI
-https://penetrate.io/2014/01/10/from-rfi-to-shell/
-Backdooring files with Python:
-https://github.com/secretsquirrel/the-backdoor-factory
-eBooks downloads:
-http://www.ebook777.com/gray-hat-hacking-ethical-hackers-handbook-fourth-edition/
-https://github.com/JpGallegos/CySecBooks
-https://www.securepla.net/the-hacker-playbook-2/
-"Hacking: The Art of Exploitation"
-https://www.linkedin.com/pulse/osce-cracking-perimeter-experience-sunny-neo
-- Fuzzing (Scapy, TAO, Sulley)
-- Linux Exploitation (vanila stack overflow, return to Glibc - NX bypass, repairing stack canaries, ASLR bypasses) and Windows exploitation (SEH overwrite,  Return Oriented Programming into disabling DEP)
-- Web Application Hacker's Handbook (might be too large: Consider "webgoat")
-Various sites:
-http://www.sweetscape.com/  (010 Editor)
-https://github.com/campagnola/pycca
-https://github.com/Gallopsled/pwntools
-https://github.com/reyammer/shellnoob
-https://zeltser.com/convert-shellcode-to-assembly/
-http://files.cnblogs.com/files/exclm/ollydbg_cmdline_cheat_sheet.pdf
-http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html
-https://www.digitalocean.com/community/tutorials/how-to-use-bash-history-commands-and-expansions-on-a-linux-vps
-https://github.com/peterferrie/win-exec-calc-shellcode
-http://www.secniu.com/why-my-shellcode-cannot-work/
-http://thestarman.pcministry.com/asm/2bytejumps.htm
-http://blog.noobroot.com/
-https://www.exploit-db.com/exploits/5342/
-http://exploit.co.il/hacking/manual-egghuntershellcode-encoding/
-https://github.com/salcho/codetz
-http://xangosec.blogspot.sg/2014/08/automating-sub-encoder.html
-http://www.fuzzing.org/
-http://resources.infosecinstitute.com/pattern-based-approach-memory-shellcodes-detection/
-https://www.offensive-security.com/metasploit-unleashed/alphanumeric-shellcode/
-https://0x41.no/hacking-networks-with-snmp/
-http://danielebellavista.blogspot.sg/2014/10/ia32-shellcodes-get-eip-value.html
-http://www.thepentesters.net/tutorials/tricks-escaping-linux-restricted-shells/
-http://codemachine.com/downloads.html
-Fun random stuff:
-http://patriciopalladino.com/files/hieroglyphy/
-http://n01g3l.tumblr.com/
-https://twitter.com/ch3rn0byl/status/832681279900487680
-https://blog.g0tmi1k.com/2012/02/kioptrix-level-4-sql-injection/
-https://blog.g0tmi1k.com/2012/01/hackademic-rtb2/
-https://github.com/vanhoefm/modwifi
-https://github.com/vanhoefm/blackhat17-pocs
-https://github.com/0x90/uberscapy
-https://github.com/0x90/wifi-arsenal
-https://github.com/0x90/kali-scripts
-https://nets.ec/Main_Page
-https://old.exploit-db.com/exploits/13284/
-https://packetstormsecurity.com/files/90146/Ascii-To-Shellcode-Encoder-Decoder-Tool.html
-https://underc0de.org/foro/hacking/que-es-una-shellcode/
-https://0x00sec.org/t/linux-shellcoding-part-1-0/289
-https://packetstormsecurity.com/files/90146/Ascii-To-Shellcode-Encoder-Decoder-Tool.html
-https://github.com/Grazfather/PracticalMalwareLabs
-https://github.com/Grazfather/BlackHatPython
-https://github.com/VulnHub/ctf-writeups
-https://nullku7.github.io/stuff/vulnhub/walkthrough/2017/05/28/vulnhub-mr-robot.html
-https://github.com/trustedsec
-https://exploit.courses/#/challenges
-https://payatu.com/guide-linux-privilege-escalation/
-https://github.com/dobin/yookiterm-slides
-https://exploit.courses/files/bfh2018/content.html
-https://exploit.courses/files/bfh2017/content.html
-https://systemoverlord.com/2017/10/24/building-a-home-lab-for-offensive-security-basics.html#pre-made-vms-tools
-  * https://github.com/xairy/linux-kernel-exploitation
-https://blog.vonhewitt.com/2018/08/oscp-exam-cram-log-aug-sept-oct-2018/
-https://www.vortex.id.au/2017/05/pwkoscp-stack-buffer-overflow-practice/
-https://googleprojectzero.blogspot.com/2017/05/exploiting-linux-kernel-via-packet.html
-https://www.exploit-db.com/exploits/44298
-https://github.com/jivoi/pentest
-https://github.com/lucyoa/kernel-exploits
-https://n0where.net/
-https://github.com/Manisso/fsociety