For the OSCP you cannot use automated tools such as Burp Pro, or scanners such as Nexpose, Tenable, etc.
Nor do they tell you clearly what to use. There is a list of resources recommended by those who have already passed that can serve as a guide. It was originally published on Discord.
Reporting Frameworks
- Dradis — https://dradisframework.com/academy/industry/compliance/oscp/
- Serpico — https://github.com/SerpicoProject/Serpico
Report Template
- Created by whoisflynn — https://github.com/whosiflynn/OSCP-Exam-Report-Template
Enumeration
- AutoRecon — https://github.com/Tib3rius/AutoRecon
- nmapAutomator — https://github.com/21y4d/nmapAutomator
Web Related
- Dirsearch — https://github.com/maurosoria/dirsearch
- GoBuster — https://github.com/OJ/gobuster
- Recursive GoBuster — https://github.com/epi052/recursive-gobuster
- wfuzz — https://github.com/xmendez/wfuzz
- goWAPT — https://github.com/dzonerzy/goWAPT
- ffuf — https://github.com/ffuf/ffuf
Payload Generators
- Reverse Shell Generator — https://github.com/m0rph-1/revshellgen
- Windows Reverse Shell Generator — https://github.com/thosearetheguise/rev
PHP Reverse Shells
- Windows PHP Reverse Shell — https://github.com/Dhayalanb/windows-php-reverse-shell
- PenTestMonkey Unix PHP Reverse Shell — http://pentestmonkey.net/tools/web-shells/php-reverse-shell
Terminal Related
- tmux — https://tmuxcheatsheet.com/ (cheat sheet)
- tmux-logging — https://github.com/tmux-plugins/tmux-logging
- Oh My Tmux — https://github.com/devzspy/.tmux
- screen — https://gist.github.com/jctosta/af918e1618682638aa82 (cheat sheet)
- Terminator — http://www.linuxandubuntu.com/home/terminator-a-linux-terminal-emulator-with-multiple-terminals-in-one-window
Exploits
- Exploit-DB — https://www.exploit-db.com/
- Windows Kernel Exploits — https://github.com/SecWiki/windows-kernel-exploits
- AutoNSE — https://github.com/m4ll0k/AutoNSE
- Linux Kernel Exploits — https://github.com/lucyoa/kernel-exploits
Brute Forcers
- BruteX — https://github.com/1N3/BruteX
- Hashcat — https://hashcat.net/hashcat/
Post-Exploitation
- LinEnum — https://github.com/rebootuser/LinEnum
- linprivchecker — https://www.securitysift.com/download/linuxprivchecker.py
- Powerless — https://github.com/M4ximuss/Powerless
- PowerUp — https://github.com/HarmJ0y/PowerUp
- Linux Exploit Suggester — https://github.com/mzet-/linux-exploit-suggester
- Windows Exploit Suggester — https://github.com/bitsadmin/wesng
Privilege Escalation Practice
- Local Privilege Escalation Workshop — https://github.com/sagishahar/lpeworkshop