Found some notes from my OSCE study guide…I didnt compile this entire list but I used this.

Online Study Resources

1. Advanced Web Attacks

2. Backdooring PE

3. Bypassing AV

4. Exploit development

  1. Fuzzing
  2. Assembly and Shellcode basics
  3. Stack Based Overflow
    • Corelan and 2
    • FuzzySecurity’s Exploit Development and 2
    • Securitysift’s Windows Exploit Development 123 and 4
  4. SEH
  5. Egghunting
  6. Bypassing ASLR

5. Advanced Network Attacks

6. Study cases:


Offline Study Resources

  1. Hacking: The Art of Exploitation: Chapter 1,2,3 and 5 are relevant to OSCE.
  2. Assembly Language Step-by-Step: Programming with Linux
  3. The Shellcoder’s Handbook: Discovering and Exploiting Security Holes

Practice

  1. http://overthewire.org/wargames/narnia/
  2. http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
  3. http://canyouhack.us
  4. https://holidayhackchallenge.com/2016/
  5. https://exploit-exercises.com/protostar/
  6. https://exploit-exercises.com/fusion/
  7. http://io.netgarage.org:84/ (Thanks WhizzMan!)