enlaces:seguridad:certificaciones:oscp
Diferencias
Muestra las diferencias entre dos versiones de la página.
Ambos lados, revisión anteriorRevisión previaPróxima revisión | Revisión previa | ||
enlaces:seguridad:certificaciones:oscp [2018/12/26 18:52] – cayu | enlaces:seguridad:certificaciones:oscp [Fecha desconocida] (actual) – borrado - editor externo (Fecha desconocida) 127.0.0.1 | ||
---|---|---|---|
Línea 1: | Línea 1: | ||
- | ====== Profesional certificado en seguridad ofensiva (OSCP) ====== | ||
- | Profesional certificado en seguridad ofensiva (**OSCP**) es una certificación de ethical hacking ofrecida por Offensive Security que enseña metodologías de exámenes de penetración y utilizan herramientas incluyendo el examen de pentración BackTrack (ahora realizado con éxito con la distribución Kali Linux)12 La certificación OSCP consiste en un examen práctico que requiere atacar y penetrar de manera satisfactoria varias maquinas en un ambiente seguro controlado.3 Actualmente, | ||
- | ===== Referencias para prepararse ===== | ||
- | |||
- | * shi_ver_bot : A Telegram bot to see if your password was in the BreachCompilation | ||
- | |||
- | |||
- | beef project | ||
- | |||
- | |||
- | sitio de boca | ||
- | buscar | ||
- | alert(document.cookie)</ | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | dig @200.111.157.67 unap.cl -t AXFR | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | portnocking | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | (ip.addr == 10.168.40.145) and (!udp contains " | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | ip.src == 192.168.0.99 && tcp.flags.syn==1 && tcp.flags.ack==1 | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | scapy | ||
- | |||
- | >>> | ||
- | |||
- | >>> | ||
- | |||
- | a = ARP(op=" | ||
- | |||
- | 10.168.40.1 | ||
- | |||
- | |||
- | ip a falsear ip victima mac victima | ||
- | a = ARP(op=" | ||
- | >>> | ||
- | |||
- | |||
- | ettercap | ||
- | < | ||
- | ettercap -T -q -i eth0 -P dns_spoof -M arp / | ||
- | </ | ||
- | |||
- | tcpdump -n -i wlan0 -e 'arp or icmp' | ||
- | |||
- | |||
- | arping -c 1 -I wlan0 10.168.40.1 | ||
- | ARPING 10.168.40.1 | ||
- | 60 bytes from 08: | ||
- | 60 bytes from 00: | ||
- | |||
- | --- 10.168.40.1 statistics --- | ||
- | |||
- | https:// | ||
- | |||
- | mitmproxy | ||
- | |||
- | arpspoof -i eth0 -t 10.168.40.70 10.168.40.1 | ||
- | |||
- | |||
- | iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080 | ||
- | | ||
- | |||
- | |||
- | mitmproxy --mode transparent | ||
- | |||
- | ---- | ||
- | |||
- | bettercap -T ipvictima --proxy -P | ||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | http:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | w2af | ||
- | http:// | ||
- | |||
- | |||
- | |||
- | |||
- | --------- | ||
- | |||
- | WIFI | ||
- | |||
- | https:// | ||
- | ----- | ||
- | |||
- | |||
- | |||
- | android | ||
- | https:// | ||
- | |||
- | |||
- | extra | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | otra | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | OSCP | ||
- | |||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | http:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | http:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | cayuqueo@gmail.com | ||
- | EBM1JUD1yq57pmgUAiqHQ | ||
- | |||
- | |||
- | http:// | ||
- | |||
- | http:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | http:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | Cupp para crear diccionarios | ||
- | git clone https:// | ||
- | |||
- | Generar ataques de Bruteforce a redes sociales | ||
- | git clone https:// | ||
- | |||
- | Dump de passwords (Volcado de memoria) | ||
- | https:// | ||
- | |||
- | Cracking WPA/WPA2 con phishing | ||
- | https:// | ||
- | https:// | ||
- | |||
- | instabridge | ||
- | |||
- | --mode transparent | ||
- | |||
- | mitm.it/ | ||
- | |||
- | bettercap -T [ip_victima] --proxy -P | ||
- | |||
- | Evil-Droid | ||
- | git clone https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | http:// | ||
- | |||
- | |||
- | |||
- | |||
- | |||
- | |||
- | Good reviews of CTP/OSCE (in no particular order): | ||
- | |||
- | Note: * mark means look for other posts on this blog | ||
- | |||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | |||
- | Tutorial sites (more stars = better/ | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | |||
- | |||
- | Cheatsheets: | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | |||
- | Good practice sites: | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | * https:// | ||
- | * https:// | ||
- | * http:// | ||
- | |||
- | Vulnerable machines: | ||
- | vulnhub VMs: | ||
- | SickOS 1.1 | ||
- | SickOS 1.2 | ||
- | Droopy v0.2 | ||
- | Kevgir | ||
- | Pegasus | ||
- | SecTalks: BNE0x00 - Minotaur | ||
- | SecTalks: BNE0x03 - Simple | ||
- | NullByte: 1 | ||
- | FristiLeaks 1.3 | ||
- | OWASP Vulnerable Web Applications Directory Project | ||
- | Mutillidae | ||
- | Damn Vulnerable Web Application | ||
- | |||
- | LFI/RFI | ||
- | https:// | ||
- | |||
- | Backdooring files with Python: | ||
- | https:// | ||
- | |||
- | eBooks downloads: | ||
- | http:// | ||
- | https:// | ||
- | https:// | ||
- | " | ||
- | |||
- | https:// | ||
- | - Fuzzing (Scapy, TAO, Sulley) | ||
- | - Linux Exploitation (vanila stack overflow, return to Glibc - NX bypass, repairing stack canaries, ASLR bypasses) and Windows exploitation (SEH overwrite, | ||
- | - Web Application Hacker' | ||
- | |||
- | Various sites: | ||
- | http:// | ||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | https:// | ||
- | http:// | ||
- | http:// | ||
- | https:// | ||
- | https:// | ||
- | http:// | ||
- | http:// | ||
- | http:// | ||
- | https:// | ||
- | http:// | ||
- | https:// | ||
- | http:// | ||
- | http:// | ||
- | http:// | ||
- | https:// | ||
- | https:// | ||
- | http:// | ||
- | http:// | ||
- | http:// | ||
- | |||
- | Fun random stuff: | ||
- | http:// | ||
- | http:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | * https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+. | ||
- | https:// | ||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||
- | https:// | ||
- | |||