Complete web attack guides from discovery to exploitation
- SQL Injection (Manual)
- SQL Injection (Code Execution)
- Cross-Site Scripting (XSS)
- Local File Inclusion + Log Poisoning
- Remote File Inclusion
- Command Injection
- Python Command Injection
- Directory Traversal
- File Upload (FileManager)
- File Upload (Non-Executable)
- API Enumeration
- API Pentesting
- API Exploitation
- Grafana Directory Traversal
- WordPress XSS Attack Chain
Windows-specific techniques and post-exploitation
- Credential Harvesting
- Password Attacks
- Remote Access Methods
- Pivoting Techniques
- Process Injection
- Office Macro Attacks
Linux privilege escalation and lateral movement
Network service enumeration and exploitation
Bypassing security controls and defenses
- AV Evasion Basics
- AV Evasion Advanced
- AppLocker Fundamentals
- AppLocker Bypasses
- Network Filter Bypasses
- Deep Packet Inspection
Cheat sheets and fast lookup guides
Active Directory enumeration and attacks
Practice machine writeups and exercises
OSCP/
├── web/ # All web exploitation (15 files)
├── windows/ # Windows techniques (6 files)
├── linux/ # Linux techniques (2 files)
├── services/ # Network services (5 files)
├── evasion/ # Defense bypasses (6 files)
├── quick-ref/ # Fast lookups (4 files)
├── active-directory/ # AD attacks (1 file)
├── lab-notes/ # Practice writeups
│ ├── exercises/
│ ├── proving-grounds/
│ ├── hackthebox/
│ └── vulnhub/
├── scans/ # Scan outputs
├── exploits/ # Custom scripts
└── CLAUDE.md # Project configuration
# Web application testing
cat web/sqli-manual.md
cat web/file-upload-filemanager.md
# Windows post-exploitation
cat windows/credential-harvesting.md
cat windows/lateral-movement.md
# Service enumeration
cat services/nmap.md
cat services/smb.md
# Quick reference during engagement
cat quick-ref/reverse-shells.md
cat quick-ref/php-wrappers.md
# Evasion techniques
cat evasion/av-evasion-advanced.md- Enumeration Phase: Start with
services/nmap.md, then specific service guides - Web Testing: Check
web/directory for specific vulnerability types - Initial Access: Reference
quick-ref/reverse-shells.mdfor payloads - Post-Exploitation: Use
windows/orlinux/for privilege escalation - Evasion: Check
evasion/if encountering AV/AppLocker/filters - Active Directory: Use
active-directory/enumeration.mdfor AD environments
Each document contains:
- PURPOSE: What this technique accomplishes
- COMMANDS: Full syntax with flag explanations
- EXPECTED OUTPUT: What success looks like
- TROUBLESHOOTING: Common issues and fixes
- EXAM TIPS: OSCP-specific considerations
All guides are end-to-end: discovery → enumeration → exploitation → completion
When adding new documentation:
- Place in appropriate attack vector directory
- Update this index
- Include complete command explanations with all flags
- Add practical examples from labs
- Include troubleshooting section
- Focus on OSCP exam applicability