Usage of all tools/scripts on this site for attacking targets without prior mutual consent is illegal.
It is the end user’s responsibility to obey all applicable local, state and federal laws.
I assume no liability and am not responsible for any misuse or damage caused by this site. The resources I have used are too many to count and I am grateful and proud to be part of a community where knowledge is not hoarded but shared for the common good.
Copy https://www.offensive-security.com/
https://www.exploit-db.com/
https://highon.coffee/blog/lfi-cheat-sheet/
https://sushant747.gitbooks.io/total-oscp-guide/content/webshell.html
https://github.com/payloadbox/rfi-lfi-payload-list
https://portswigger.net/web-security/cross-site-scripting/cheat-sheet
https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/
https://portswigger.net/web-security/sql-injection/cheat-sheet
https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html)
https://github.com/0xAyub/Tomnomnom_VirSecCon2020_Talk #Bash scripting
https://github.com/swisskyrepo/PayloadsAllTheThings #Everything AD
https://nored0x.github.io/red-teaming/active-directory-domain-enumeration-part-1/
https://gist.github.com/HarmJ0y/184f9822b195c52dd50c379ed3117993 #PowerView Tricks
https://book.hacktricks.xyz
http://pentestmonkey.net/
https://danielmiessler.com/
https://www.corelan.be/
https://blog.ropnop.com/transferring-files-from-kali-to-windows/
http://travisaltman.com/windows-privilege-escalation-via-weak-service-permissions/
http://www.fuzzysecurity.com/tutorials/16.html
http://it-ovid.blogspot.cl/2012/02/windows-privilege-escalation.html
https://github.com/gentilkiwi/mimikatz
http://bernardodamele.blogspot.cl/2011/12/dump-windows-password-hashes.html
http://www.harmj0y.net/blog/powershell/powerup-a-usage-guide/
https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerUp
http://pwnwiki.io/#!privesc/windows/index.md
https://gist.github.com/insi2304/484a4e92941b437bad961fcacda82d49
https://github.com/evait-security/ClickNRoot/blob/master/list.yml
https://www.n00py.io/2020/12/alternative-ways-to-pass-the-hash-pth/
https://www.hackingarticles.in/active-directory-enumeration-bloodhound/
https://cheatsheet.haax.fr/windows-systems/exploitation/remote_execution_techniques/
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
https://corneacristian.medium.com/tips-for-offensive-security-experienced-penetration-tester-osep-certification-92f3801428c3
https://github.com/61106960/adPEAS
https://boschko.ca/braindead-buffer-overflow-guide-to-pass-the-oscp-blindfolded/
https://github.com/six2dez/OSCP-Human-Guide/blob/master/oscp_human_guide.md
https://blog.stealthbits.com/extracting-service-account-passwords-with-kerberoasting/
https://bulbsecurity.com/finding-bad-characters-with-immunity-debugger-and-mona-py/
https://github.com/theonlykernel/enumeration/wiki
https://fareedfauzi.gitbook.io/oscp-notes/services-enumeration/http-s/enumeration-checklist
https://liodeus.github.io/2020/09/18/OSCP-personal-cheatsheet.html
https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html
https://github.com/V1n1v131r4/OSCP-Buffer-Overflow
https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst
https://oscp.securable.nl/buffer-overflow
https://nop-blog.tech/oscp/bof-cheatsheet/
https://lolbas-project.github.io
https://www.ired.team
https://github.com/ivan-sincek/penetration-testing-cheat-sheet
https://github.com/hakluke