This is a compiled cheatsheet from my experience of OSCP 2023 journey. Won't say it is all-rounded but a good starting point if you wanna start your OSCP study. It covered all the tools, common issues and tips that I have faced during my study. It is still being updated and feel free to comment if you want any improvements.
☆14Oct 17, 2024Updated last year
Alternatives and similar repositories for OSCP-cheatsheet
Users that are interested in OSCP-cheatsheet are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- HITCON 2023 x DEVCORE Wargame☆22Aug 24, 2023Updated 2 years ago
- Audit and pentest methodologies for Windows including internal enumeration, privesc, lateral movement, etc.☆19Mar 31, 2026Updated 2 weeks ago
- A terminal workspace with batteries included☆19Sep 21, 2025Updated 6 months ago
- Python Exploitation Framework☆38Apr 7, 2026Updated last week
- Multi-protocol credential validation tool with spray and no-spray modes for penetration testing.☆16Jan 4, 2026Updated 3 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Vulnerabilities exploitation examples, python☆23May 22, 2023Updated 2 years ago
- Recently, the OpenSSH maintainers released security updates to fix a critical vulnerability that could lead to unauthenticated remote cod…☆13Jul 2, 2024Updated last year
- Filezilla local admin port exploit☆13Sep 13, 2017Updated 8 years ago
- Various AD tools needed for penetration testing in one place.☆23Jul 13, 2023Updated 2 years ago
- Unofficial list of approved tools for OSCP☆28Apr 25, 2023Updated 2 years ago
- Repository for tools used for the OSCP☆24Sep 18, 2025Updated 6 months ago
- Hours of research on color theory and what hues stimulate the eyes, and hand-picked hacked icons☆14Mar 13, 2024Updated 2 years ago
- Lightweight, customizable enumeration script to aid in time-saving when participating in hacking labs or OSCP exam.☆32Feb 18, 2026Updated last month
- Pentest report framework without data send☆19Sep 23, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication querying LDAP. Generates individual CSV files and a s…☆60Feb 23, 2026Updated last month
- HITCON 2024 x DEVCORE Wargame☆31Aug 30, 2024Updated last year
- Notes for red teamers - from cloud to Active Directory to many things in between.☆63Jan 7, 2026Updated 3 months ago
- ☆30Sep 20, 2023Updated 2 years ago
- Collection of notes and scripts I used during my OSCP exam preparation.☆42Dec 21, 2025Updated 3 months ago
- Living off the Land (LOL) attack techniques, tools, and defender resources☆35Apr 3, 2026Updated last week
- A python3 and bash PoC for CVE-2021-4034 by Kim Schulz☆22Jan 27, 2022Updated 4 years ago
- A tool developed in Java for enumerating and scanning WordPress websites. It is completely free, open source and with no API rate limit.☆25Sep 17, 2025Updated 6 months ago
- ☆38Feb 26, 2019Updated 7 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Scripts I created to pass the OSCP☆22Jul 23, 2021Updated 4 years ago
- Bash script to parse and convert linpeas\winpeas output files to readable HTML or PDF format☆36Apr 16, 2022Updated 4 years ago
- this repo is for windows privilege escalation technique☆54Aug 28, 2021Updated 4 years ago
- ☆51May 18, 2022Updated 3 years ago
- Execute commands across Windows and Linux systems using multiple RCE methods☆90Mar 2, 2026Updated last month
- useful stuff for pentesting☆53Mar 18, 2025Updated last year
- Quick scripts I developed to streamline OSCP tasks☆219Jun 14, 2025Updated 10 months ago
- Creation of multiple Malware tools consisting of evasion, enumeration and exploitation☆101Apr 8, 2026Updated last week
- ☆11Jan 6, 2020Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Specialized testing tool designed to identify vulnerabilities and bugs in OPC UA (Open Platform Communications Unified Architecture) impl…☆43Feb 4, 2026Updated 2 months ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆11Apr 2, 2021Updated 5 years ago
- ☆20Jan 25, 2019Updated 7 years ago
- Simple Zeroconf/mDNS scanner written in Go with no external dependencies☆12Apr 20, 2021Updated 4 years ago
- 在线cms识别|旁站|c段|信息泄露|工控|系统|物联网安全|cms漏洞扫描|nmap端口扫描|子域名获取|待续..☆10Apr 23, 2019Updated 6 years ago
- A collection of study notes and resources for the Offensive Security Certified Professional (OSCP) certification exam. Includes summaries…☆65Nov 15, 2025Updated 5 months ago
- A general purpose cheat sheet for pentesting and OSCP certification☆277Jan 16, 2026Updated 3 months ago