Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ OSCP-methodology Public template

Generic OSCP methodology, Template and Report generation.

License

GPL-3.0 license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

4n3i5v74/OSCP-methodology

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
reporting
reporting
 
 
CTF-Machine-Template.md
CTF-Machine-Template.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Reporting.md
Reporting.md
 
 

Repository files navigation

General Information

  • The file [CTF-Machine-Template.md] is the template to be used. Copy the content to a new document and start with the target.
  • The logic is to use any markdown based editor like obsidian, joplin, logseq etc, where this markdown based template can be easily edited.
  • The content has blank codeblocks to capture log outputs.
  • The [Abstract] section will contain information about target, its services/protocols, any credentials found and flags.
  • The [Initial Setup] section has variables to be set. Setting initial variables and exporting in all working tabs is important for commands in all sections.
  • The [Port Forwarding] section is required if target has to be accessed via tunneling or port forwarding.
  • The [Enumeration] section is broken up according to protocols, and is highly important to gain initial foothold and gather as much information/hints for the target. The section contains general methodologies for all protocols, along with various tips and useful information.
  • The [Exploitation] section has useful hints/tips useful for privilege escalation.
  • The [Privilege Escalation] section has logs to be gathered in assisting privilege escalation.
  • The [Post Exploitation] section is intended to capture required command outputs, loots and hashes once root privilege is obtained.

Disclaimer

  • The content is only one of many methodologies available for OSCP and general pentesting. Feel free to edit or provide feedback.
  • The content is gathered from various sources and my own experiences. Special thanks to S1ren, Kashz Jewels and Carlos Polop for their methodologies.

Instruction

  • Replace ATTACKERIP and TARGETIP with actual values.
  • Delete the sections if not required. This will tidy up the raw report and allows room to focus on actual methodologies to try.
  • The [Initial Setup] is where the gathering starts. Setting up 3-4 tabs for the target is much beneficial.
  • Once masscan and nmap scan is completed, retain the required sections under [Enumeration] and remove other sections.
  • Remove any informational content and retain only the actual command and its log for final report.

Report Generation

Refer to Reporting.md for steps to generate PDF report from markdown files using pandoc and latex.

About

Generic OSCP methodology, Template and Report generation.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published