Offensive Security Certified Professional (OSCP)
An OSCP holder has proven able to spot weaknesses and carry out planned attacks in a timely manner through perseverance, ingenuity, and perception. OSCP holders have also demonstrated their ability to think creatively and efficiently with limited time and resources.
Overview
Courses for Certification in Offensive Security
In the field of cybersecurity education, Offensive Security is a pioneer. Known for developing the penetration testing tool Kali Linux and the Offensive Security Certified Professional (OSCP) credential, Offensive Security gives IT workers the tools they need to protect themselves from malicious online attacks. With the sophistication of cyber attacks and security breaches rising in today’s digital environment, Offensive Security’s experience is important.
For anyone hoping to focus on information security, familiarizing themselves with the techniques and instruments of Offensive Security is essential. Real-world tactics are emphasized in their hands-on training approach, which is crucial for comprehending and reducing contemporary cyber risks.
What will you learn in the Offensive Security Certified Professional (OSCP) course?
- Finding Files in Kali Linux
- Redirecting to the existing file
- Connecting to the TCP/UDP Port
- Nessus Installation
- Scanning the Vulnerabilities
- Retrieving the Password Hashes
- Exploiting SQL Injection
- Passing the Hash in Windows
- Choosing the Vulnerability
- Targeting the Database
Who should attend the Offensive Security Certified Professional (OSCP) course?
This OSCP training is suitable for Windows administrators, cybersecurity professionals, system administrators, and network engineers.
Our Package
- Accessing the internal VPN Lab Network
- Offensive Security Student Form
- Introduction to Penetration Testing
- MegaCorpone.com and Sandbox.local Domains
- PWK VPN Labs
- Reverts
- Control Panel
- Client Machines
- Kali Virtual Machine
- Reporting
- PWK Report
- Booting Up Kali Linux
- Kali Menu
- Kali Linux Support Forum
- Kali Linux Bug Tracker
- Linux Filesystem
- Linux Commands
- Finding Files in Kali Linux
- Handling the Kali Linux Services
- HTTP Service
- SSH Service
- Installing, Searching, and Removing the Tools
- apt update and upgrade
- apt-cache search and apt show
- apt remove --purge
- dpkg
Section 3.1: Bash Environment
- Environment Variables
- Bash History Tricks
- Tab Completion
Section 3.2: Piping and Redirection
- Redirecting to a New File
- Redirecting to the Existing File
- Redirecting from the File
- Redirecting STDERR
- Piping
Section 3.3: Text Searching and Manipulation
- sed
- grep
- awk
- cut
Section 3.4: Editing Files from the Command Line
- Vi
- nano
Section 3.5: Comparing Files
- diff
- comm
- vimdiff
Section 3.6: Handling Processes
- Background Process
- Process Control: kill and ps
- Jobs Control: jobs and fg
Section 3.7: File Monitoring and Command Monitoring
- Watch
- Tail
Section 3.8: Downloading the files
- curl
- axel
- wget
Section 3.9: Customizing Bash Environment
- Customizing Bash History
- Persistent Bash Customization
- Alias
Section 4.1: Netcat
- Connecting to the TCP/UDP Port
- Listening on the TCP/UDP Port
- Transferring the Files with Netcat
- Remote Administration with Netcat
Section 4.2: Socat
- Differences Between Netcat and Socat
- Socat Reverse Shells
- Socat File Transfers
- Socat Encrypted Bind Shells
Section 4.3: Powercat and PowerShell
- PowerShell Reverse Shells
- PowerShell File Transfers
- PowerShell Bind Shells
- Introduction to Powercat
- Powercat Reverse Shells
- Powercat File Transfers
- Powercat Bind Shells
- Powercat Stand-Alone Payloads
Section 4.4: Wireshark
- Wireshark Fundamentals
- Starting Wireshark
- Display Filters
- Capture Filters
- Following TCP Streams
Section 4.5: TCPdump
- Filtering the Traffic
- Advanced Header Filtering
- Variables
- Arguments
- If, If-Else, Else Statements
- Reading User Input
- Boolean Logical Operations
- For Loops
- While Loops
- Functions
- Website Recon
- Google Hacking
- Whois Enumeration
- Recon-ng
- Netcraft
- Open-Source Code
- Security Headers Scanner
- Shodan
- SSL Server Test
- Pastebin
- Email Harvesting
- User Information Gathering
- Password Dumps
- Email Harvesting
- Site-Specific Tools
- Social Media Tools
- Stack Overflow
- OSINT Framework
- Maltego
Section 7.1: DNS Enumeration
- Interaction with the DNS Server
- Forward Lookup Brute Force
- Automating Lookups
- Reverse Lookup Brute Force
- Relevant Tools in Kali Linux
- DNS Zone Transfers
Section 7.2: Port Scanning
- UDP/TCP Scanning
- Port Scanning with the Nmap
- Masscan
Section 7.3: SMB Enumeration
- Scanning for NetBIOS Service
- Nmap SMB NSE Scripts
Section 7.4: NFS Enumeration
- Scanning for the NFS Shares
- Nmap NFS NSE Scripts
Section 7.5: SMTP Enumeration
Section 7.6: SNMP Enumeration
- SNMP MIB Tree
- Scanning for the SNMP
- Windows SNMP Enumeration
Section 8.1: Introduction to Vulnerability Scanning
- How Vulnerability Scanners Work
- Manual vs. Automated Scanning
- Internal Scanning vs. Internet Scanning
- Unauthenticated vs. Authenticated Scanning
Section 8.2: Vulnerability Scanning with Nessus
- Nessus Installation
- Specifying Targets
- Configuring Scan Definitions
- Unauthenticated and Authenticated Scanning with Nessus
- Scanning with Individual Nessus Plugins
Section 8.3: Vulnerability Scanning with Nmap
Section 9.1: Web Application Enumeration
- Inspecting URLs
- Inspecting Page Content
- Inspecting the SiteMaps
- Locating the Administration Consoles
Section 9.2: Web Application Assessment Tools
- Burp Suite
- Nikto
- DIRB
Section 9.3: Web-Based Vulnerabilities
- Exploiting the Admin Consoles
- File Inclusion Vulnerabilities
- Cross-Site Scripting
- Directory Traversal Vulnerabilities
- SQL Injection
Section 10.1: x Architecture
- Program Memory
- CPU Registers
Section 10.2: Buffer Overflows
- Sample Vulnerable Code
- Immunity Debugger
- Navigating Code
- Overflowing the Buffer
Section 11.1: Discovering the Vulnerability
- Fuzzing HTTP Protocol
- Win Buffer Overflow Exploitation
Section 11.2: DEP, ASLR, and CFG
- Replicating the Crash
- Controlling EIP
- Discovering Space for Our Shellcode
- Checking for the Bad Characters
- Redirecting the Execution Flow
- Finding the Return Address
- Generating Shellcode with Metasploit
- Getting the Shell
- Enhancing the Exploit
- DEP, ASLR, and Canaries
- Controlling EIP
- Replicating the Crash
- Checking for the Bad Characters
- Discovering Space for the Shellcode
- Finding the Return Address
- Getting the Shell
Section 13.1: Client Information Gathering
- Passive Client Information Gathering
- Active Client Information Gathering
Section 13.2: Leveraging the HTML Applications
- HTA Attack in Action
- Exploring the HTML Application
Section 13.3: Exploring Microsoft Office
- Microsoft Office Installation
- Object Embedding and Linking
- Microsoft Word Macro
- Evading the Protected View
- Searching Online Exploit Resources
- Searching Offline Exploit Resources
Section 15.1: Fixing the Memory Corruption Exploits
- Introduction and Considerations
- Importing and Reviewing the Exploits
- Cross-Compiling the Exploit Code
- Modifying the Socket Information
- Modifying the Return Address and Payload
- Modifying the Overflow Buffer
Section 15.2: Fixing the Web Exploits
- Introduction and Considerations
- Choosing the Vulnerability
- Modifying the Connectivity Information
- Troubleshooting “index out of range” error
Section 16.1: Preparations and Considerations
- Dangers of Transmitting the Attack Tools
- Installing Pure-FTPd
- Non-Interactive Shell
Section 16.2: Transferring Files to Windows Hosts
- Non-Interactive FTP Download
- Windows Downloads using the Scripting Language
- Windows Downloads with exe2hex and PowerShell
- Windows Uploads using the Windows Scripting Languages
- Uploading Files with TFTP
Section 17.1: Define Antivirus Software
Section 17.2: Methods of Identifying the Malicious Code
- Signature-Based Detection
- Behavioral and Heuristic-Based Detection
Section 17.3: Eluding the Antivirus Detection
- On-Disk Evasion
- In-Memory Evasion
- AV Evasion
Section 18.1: Information Gathering
- Manual Enumeration
- Automated Enumeration
Section 18.2: Examples for Windows Privilege Escalation
- Windows Privileges and Integrity Levels
- User Account Control
- User Account Control Bypass
- Insecure File Permissions
- Leveraging the Unquoted Service Paths
Section 18.3: Linux Privilege Escalation Examples
- Linux Privileges
- Insecure File Permissions: /etc/passwd case study
- Insecure File Permissions: Cron Case Study
- Kernel Vulnerabilities: CVE-7-2 Case Study
Section 19.1: Wordlists
- Standard Wordlists
Section 19.2: Brute Force Wordlists
Section 19.3: Common Network Service Attack Methods
- HTTP htaccess Attack with Medusa
- Remote Desktop Protocol Attack with the Crowbar
- HTTP POST Attack with THC-Hydra
- SSH Attack with THC-Hydra
Section 19.4: Leveraging the Password Hashes
- Retrieving the Password Hashes
- Password Cracking
- Passing the Hash in Windows
Section 20.1: Port Forwarding
- RINETD
Section 20.2: SSH Tunneling
- SSH Local Port Forwarding
- SSH Remote Port Forwarding
- SSH Dynamic Port Forwarding
Section 20.3: PLINK.exe
Section 20.4: NETSH
Section 20.5: HTTPTunnel-ing Through Deep Packet Inspection
Section 21.1: Active Directory Theory
Section 21.2: Active Directory Enumeration
- Conventional Approach
- A Modern Approach
- Resolving Nested Groups
- Currently Logged-On Users
- Enumeration using the Service Principal Names
Section 21.3: Active Directory Authentication
- Kerberos Authentication
- NTLM Authentication
- Service Account Attacks
- Cached Credential Storage and Retrieval
- Slow and Low Password Guessing
Section 21.4: Active Directory Lateral Movement
- Pass the Hash
- Overpass the Hash
- Distributed Component Object Model
- Pass the Ticket
Section 21.5: Active Directory Persistence
- Domain Control Synchronization
- Golden tickets
Section 22.1: Metasploit Setup and User Interface
- Getting Familiarised with MSF Syntax
- Metasploit Database Access
- Auxiliary Modules
Section 22.2: Exploit Modules
- SyncBreeze Enterprise
Section 22.3: Metasploit Payloads
- Non-Staged vs Staged Payloads
- Experimenting with Meterpreter
- Meterpreter Payloads
- Executable Payloads
- Client-Side Attacks
- Metasploit Exploit Multi Handler
- Advanced Features and Transports
Section 22.4: Building Own MSF Module
Section 22.5: Post-Exploitation with Metasploit
- Core Post-Exploitation Features
- Post-Exploitation Modules
- Migrating Processes
- Pivoting with the Metasploit Framework
Section 22.6: Metasploit Automation
Section 23.1: Installation, Usage, and Setup
- PowerShell Empire Syntax
- Stagers and Listeners
- Empire Agent
Section 23.2: PowerShell Modules
- Situational Awareness
- Credential and Privilege Escalation
- Lateral Movement
Section 23.3: Switching Between Empire and Metasploit
Section 24.1: Public Network Enumeration
Section 24.2: Targeting the Web Application
- SQL Injection Exploitation
- Web Application Enumeration
- Cracking the Password
- Enumerating Admin Interface
- Obtaining the Shell
- Post-Exploitation Enumeration
- Creating the Stable Pivot Point
Section 24.3: Targeting Database
- Enumeration
- Trying to Exploit the Database
Section 24.4: Deeper Enumeration of Application Server
- Deeper Post-Exploitation
- Searching for the DB Credentials
- Privilege Escalation
Section 24.5: Targeting Database Again
- Exploitation
- Post-Exploitation Enumeration
- Creating the Stable Reverse Tunnel
Section 24.6: Targeting the Poultry
- Exploitation (or just logging in)
- Enumeration
- Post-Exploitation Enumeration
- Unquoted Search Path Exploitation
Section 24.7: Internal Network Enumeration
- Reviewing the Results
Section 24.8: Targeting Jenkins Server
- Exploiting Jenkins
- Application Enumeration
- Privilege Escalation
- Post Exploitation Enumeration
Section 24.9: Targeting Domain Controller
- Exploiting Domain Controller
Upcoming Batch
April 20th (Weekends)
FRI & SAT (4 Weeks)
08:30 PM to 01:00 AM (CDT)
April 18th (Weekdays)
MON – FRI (18 Days)
10:00 AM to 12:00 PM (CDT)