How To Hack The Box To Your OSCP

Name: How To Hack The Box To Your OSCP
Rating: 4.7 (711 reviews)

Practice + Pwn + Profit!

Created byVonnie Hudson

Last updated 11/2022

English

What you'll learn

Technical confidence needed to take on the OSCP exam
Attacker tradecraft mapped to the MITRE ATT&CK Framework
New tooling and techniques to conduct higher quality penetration tests and red team exercises.
Expert tips and tactics for becoming a competent offensive cyber security professional

Course content

4 sections • 30 lectures • 13h 41m total length

Hypervisors5:12
Before we starting breaking boxes I wanted to give you an overview of the different types of hypervisors that exist out there. You will learn what a hypervisor is and which type we will establish in our Hack The Box environment. This is a quick show and tell! Let's go!
VMWare Workstation: Downloading2:11
Alright, so let's kick things off by downloading our hypervisor!
VMWare Workstation: Installing2:24
Yes! Now we're going to Next, Next Finish the installation and quickly talk about some of the installation settings I like to enable and why
Kali Linux: Downloading2:56
In this lecture I'll provide a brief introduction to Kali, a glimpse of the tools provided in this Linux distro and how to download the pre-built VMWare image! Let's go!
Kali Linux: Installing11:03
Let's install Kali! In this video we will extract the VM, import it into VMWare Workstation and modify a few settings. The VMWare image comes pre-built at 80GB but what if you wanted a bigger VM? GREAT QUESTION! So in this lecture I'll also show you how to expand the disk in VMWare Workstation and then how to use fdisk and gparted to extend your partitions so the OS recognizes the disk expand from VMWare Workstation! It's going to be a lot of fun (it's a little advanced... kind of early I know... but you can do it with me by your side!) Let's do this baby!!
Customizing Kali: pimpmykali.sh7:45
Yes! It's time to get to work. So one thing that's super annoying about Kali and Hack The Box is that you'll waste hours and hours of time trying to troubleshoot a broken tool because it's missing a pip dependency or update repo... and it's super super frustrating. So in this lecture I'm going to show you a golden script that basically automatically configures Kali to JUST WORK. It's awesome. We'll also configure the browser by adding Wappalyzer and BuiltWith which will aid our recon activities. And we will setup FoxyProxy in preparation for using Burp later. There's also a few other odds and ends we add to this lecture to make it perfecto! So let's not waste any more time and just jump in baby! LET'S DO THIS!! YES!!
Customizing Kali: TMUX8:37
Our Kali is officially pimped but now we need tmux. This is an awesome tool that will let us split panes, create terminal tabs, log our work and search through the terminal like a text document. It's really really cool and today I'm going to show you how to use it baby! YES! hahah let's do this.
TMUX: Quick Tutorial5:47
YES YES YES! The moment we have all been waiting for! Split panes. Copy and paste. Rename tabs. Resize panes. Log your output. It's all here - it's the awesome sauce that makes TMUX so dang delicious. In this lecture we'll get into it and by the end of it you'll become a TMUX subject matter expert... yeah - in just 5 minutes... Let's go!!!
Obsidian: Downloading + Starting4:21
Obsidian is the new CherryTree (which was the new KeepNote). If you don't know Markdown or are a little rusty you're going to love this lecture and the following one. I'm going to show you where the Penetration Testing industry is going in terms of staying organized. Next I'll show you how to download and run Obsidian. We're going to keep it short and sweet because we have a good bit to go through in the next lecture! I'm so glad you're here! Let's do this!
Obsidian: Quick Tutorial7:35
Split panes. Starred notes. Linked content. Markdown. Hotkeys. It's time to supercharge your notetaking workflow. Say goodbye to KeepNote and CherryTree and hello to Obsidian and Markdown! Let's go! This is going to change your life baby! lol
Obsidian: Markdown Tutorial!5:39
It's time for Markdown 101. You game? Let's go!
HTB: Sign Up!5:05
And now... we Sign-Up! In this quick lecture I'll walk you through joining the Hack The Box community and upgrading your account to VIP. I'll also explain why you need to do the upgrade... and no I am not an affiliate (but I should be dang it!) Let's go!
HTB: Access!2:14
So we're all signed up but how do we connect to the HTB network? OpenVPN baby! Come! Let me show you how easy this is!
HTB: Workflow3:20
Let's round the HTB section off with a quick run through my workflow. You'll see how I setup my TMUX tabs for maximum efficiency and how I position Obsidian for optimal success. This lecture is really fast - so just breeze through it and keep marching forward!
MITRE: ATT&CK3:33
I wanted to add some immediate real-world realism to the work we will be doing in the Hack The Box lab environment. Truthfully, there's no better resource for understanding attacker tools, tactics and techniques than the MITRE ATT&CK Framework! So let's jump in really quick and give it a go!
MITRE: Engage3:00
MITRE Engage is all about cyber deception and decoys. It's a framework for active defense that blue teamers and decision makers can use to reduce risk. Sounds cool right? It is cool. It used to be called MITRE SHIELD but it has evolved and you need to know this framework... NOT for the OSCP - just as a competent cybersecurity professional. Let's jump in!
MITRE: D3FEND2:47
Countermeasures are important and that's why MITRE D3FEND is a great framework to reference. It's not nearly as prodigious as it's grown up cousin, ATT&CK, so it's easier to navigate. In this quick lecture we'll take a tour through D3FEND so you can know what it is and have a reference when you need it!
OWASP: Top 103:20
The Gold Standard in Web Application Penetration Testing Methodologies is the OWASP Top 10. In this lecture I'll give you a general idea what it is and then we'll explore a specific attack and even pivot from the OWASP Top 10 directly into the MITRE ATT&CK Framework. My hope is that you will begin to see the unity in these frameworks and begin to rely on them to conduct high-quality penetration testing engagements in your future cyber career! Sound good?? Yes! Let's go!!!

Linux: Lame1:02:46
You want to turn an Easy box into an Insane box? Sure, you can instantly pop this box with Metasploit, that's why the HTB community ranks it as Easy but in this lecture I'm going to show you FIVE ways to shell - and nothing is easy about it! But don't worry - I'll walk you through the entire process, carefully delineating my thought process and guiding you toward hacking excellence. Are you ready to pwn and profit? Let's do it baby!
Linux: Beep55:10
We're going to pop this box four ways. We're even going to get into why the box was vulnerable in the first place and we'll pull down an open-source copy of the web app, do some code review, identify the bug in source and then explain exactly what code conditions led to exploitation. As always, everything is MITRE ATT&CK Mapped and it's going be insane! Get ready for a learning bing - Beep style! Let's go!
Linux: Bank1:33:52
Yes! In this lecture you're going to learn regular expression basics, Linux scripting fundamentals, how to use Feroxbuster (a great alternative to GoBuster, DirSearch, Dirb and Burp Intruder) and Nuclei by Project Discovery (a great alternative to Nessus and nmap). You'll also learn EXACLTY what a web shell is - yes - it will finally all make sense. As always, I've held nothing back and I can't wait to walk you through all the awesome things you'll do in this lecture! Let's go!!! OH YEAH - and you're also going to learn how to use aquatone (I don't like Gowitness or WitnessMe even though some argue they are better) and pwncat (which is basically netcat on steroids... I call it a modern netcat replacement!) YES YES YES! LETS GO!
Windows: Legacy43:16
We're going to pop this box three ways: two CVE's and one via Metasploit. Yup, I said it: META SPLOIT. "But Vonnie, I thought this was an OSCP study course?" Good point - but that doesn't mean you shouldn't know how to use Metasploit! Don't worry, when we use Metasploit I'll share a few things I bet you didn't know like why you should use msfdb start and how to cover your tracks. It's going to be pretty cool. As always, everything is mapped to MITRE ATT&CK and we're going to have a ton of fun. So you ready baby!? ARE. YOU. READY???? LETS GO!!! lol
Windows: Devel57:28
In this lecture we're going to have fun with the Burp Embedded Browser. I'm also going to show you what to do when standard privesc scripts fails or are incompatible with the target server. But that's not the best part. The best part of this lecture is when we go back through our attack kill chain and investigate all the artifacts left behind. Not only will we dig into the FTP server configuration and learn how to harden the server (without patching it), we'll also dig into the IIS web logs and Event Logs and diagnose the attacker's tradecraft so we can learn how we could have detected this in a real network. At the end we'll use netstat and tasklist to manually trace the process parent-child ancestry. Yup, it's a poor mans Carbon Black using baked in Windows tools! And to top it all off... we're even going to dump the process memory and manually inspect the virtual address space using strings and grep. It's going to be nuts guys! I have a real treat for you inside - so let's go!
Windows: Optimum1:28:27
YES!! In this lecture you're learning: (1) how to understand a exploit written in Python, (2) how to methodically troubleshoot why your reverse shell is failing, (3) how to interpret the winPEAS output, (4) how to understand why a privesc binary keeps failing (5) how to understand why a privesc Powershell script keeps failing (6) how to dive into the Windows Event Logs to diagnose evidence of attack (7) how to perform static code analysis on the vulnerable application to understand why the target was exploitable. Yup - it is going to be bonkers guys!! I'm not waiting any more time gushing about this one - let's just dive in!

Linux: Popcorn1:12:30
Get comfy, sit box, grab a bag of popcorn and enjoy. The first time you get into this I just want you to sit back and relax. Watch how I think through the different exploitation paths, pay attention to my logic flow and listen to what I'm doing so you can replicate my attack approach. I'm going to show you some huge gotchas when we land our shell. Enjoy the learning experience. After you've watched it once or twice, fire up the VM and start hacking! Let's do this baby!
Linux: TenTen42:00
Wordpress is usually rife with vulnerabilities! In this lecture you'll learn why it's so important NOT to push outdate plugins to production! We're going to follow the entire attack lifecycle from recon to root. Let's go!
Windows: Bastard1:10:03
YES!!! In this lecture you will learn: (1) How to use the little known Burp Browser (2) How to Use WhatWeb with Wappalyzer to recon your target (3) How to use proxy arcane exploit scripts through Burp Proxy to troubleshoot why exploits are failing... and then how to fix it! (4) How to fix broken python scripts (5) How to inject stolen session cookies into your browser and login as the victim (6) How to execute an in-memory reverse shell and leave behind almost zero artifacts - AND THEN - how to confirm the logs are clean on target so you don't get caught (7) How to study the victim logs to look for indicators of compromise and evidences of infection. MAN ON MAN - I can't tell you how FUN this box was to hack and teach. Are you ready???? Let's goooooo!!!!!!
Linux: Union1:19:57
Wanna watch me struggle and learn my thinking process toward a root shell? Okay good. Want to learn how to manually exploit SQL injection without using automated tools? Okay good. Want to learn how to bypass a web application firewall? Okay good! Let me show you ALL this and more! Let's go!
Windows: Jeeves1:09:09
Oh yeahhh lol - are you ready to learn how to crack encrypted password vaults with John? Yeah we got that. Are you ready to learn how to exploit the Groovy scripting language to stage a reverse shell to your box through an open Jenkins CI instance? Yeah we got that. You ready to Pass the Hash (PtH) and look for evidence of the attack in the Windows event logs? Yeah we got that! You ready to elevate your privileges with Juicy Potato and actually understand what it's doing and WHY it works? Yeah we got that!! STOP reading this and start hacking - now! Let's go!

Requirements

Basic computer with at least 16GB of RAM
VMWare Workstation Trial
VIP Hack The Box Account
Constant Curiosity and a thirst to learn new things :)

Description

Hack The Box has quickly surged to become the premiere place for flexing your hacking talent, learning new skills and preparing for penetration testing exams such as the OSCP.

In this course you will quickly set up a hacking environment in VMWare Workstation and then immediately nose-dive into compromising hacking boxes ranked as easy and medium.

The chief benefit to you in taking this course is that it will greatly enhance your ability to perform well on the exam. I will not only thoughtfully, and carefully, show you how to takeover Windows and Linux boxes, but I will also give you a behind-the-curtain peek into my thought process so you'll know why I'm doing what I'm doing and why it makes sense.

You’ll also see how I setup my system. I’ll take on you on a tour of my lab so you can replicate everything at home.

I created this course as a means of helping me pass the exam. I currently don't have the OSCP cert. I've taken the training material and took the 24 hour exam but failed it. BUT! Instead of letting that get me down, I decided to create an online course as a means of helping me master the concepts I encountered in my training and on the exam.

We are about to have a lot of fun and I can hardly wait to come along side you on your journey to earning your OSCP. Are you ready to have fun studying for this thing?

Get prepared to go on a ride. You’re about to learn a lot and many of the tactics and techniques we leverage align with real world scenarios.

All attacks and techniques are mapped to the MITRE ATT&CK Framework.

So here's the thing:

If you're a software engineering dreaming about how to pwn boxes then this course is for you.

If you're the curious type who wonders what could have been done differently after rooting a box or if you want to know WHY exploits fail... then this course is for you.

If you want to stop feeling like an imposter who acts like you know what you're talking about and want to finally feel the confidence, pleasure and peace that comes from REALLY knowing what you're talking about.. then this.... course.... is for you.

Let's go! You got this baby!

Courses were being added every two months.
Last lecture named "Union" was added Feb 1st 2022

Who this course is for:

Students who want to earn their OSCP Certification

How To Hack The Box To Your OSCP

What you'll learn

Explore related topics

Course content

Press Play18 lectures • 1hr 27min

Easy6 lectures • 6hr 41min

Medium5 lectures • 5hr 34min

BONUS SECTION: THANK YOU!!!1 lecture • 1min

Requirements

Description

Who this course is for: