OSCP Guide 03/12 – Web

In this video I continue my OSCP guide series in which I will share the knowledge I've obtained regarding OSCP, the PEN-200 course, and in general to help you prepare for your OSCP certification. ------------------------- TIMESTAMP: 00:00 Introduction 01:40 OSCP Web content 04:55 SQL Injection 05:55 Directory Traversal 09:15 Local File Inclusion (LFI) 11:39 Remote File Inclusion (RFI) 13:15 File upload vulnerabilities 16:10 OS command injection 19:15 Cross-Site Scripting (XSS) 21:15 Auto-exploitation tools are not allowed 24:25 Cheatsheet - General enumeration 28:50 Cheatsheet - Brute forcing 31:10 Cheatsheet - HTTP enumeration 36:25 Cheatsheet - SMB enumeration 38:40 Cheatsheet - SNMP enumeration 42:37 Conclusion ------------------------- RESOURCES: - PEN-200 Course: https://www.offsec.com/courses/pen-200/ - Cheatsheet link: https://github.com/LeonardoE95/OSCP - OSCP Guide blog post: https://blog.leonardotamiano.xyz/tech/oscp-technical-guide/ ------------------------- CONTACTS - Technical blog: https://blog.leonardotamiano.xyz/ - Support my work: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ