Analysis updated 2026-07-03
Look up exact commands for network scanning, password cracking, or Active Directory attacks while practicing for the OSCP exam.
Quickly find the right post-exploitation technique for a compromised Windows machine during a pentest lab session.
Study the certificate services and Kerberos attack sections to prepare for the newer OSCP+ exam content.
Use as a rapid reference during CTF competitions to find exploitation and privilege escalation commands.
| 0xsyr0/oscp | s3cur3th1ssh1t/winpwn | mantvydasb/redteaming-tactics-and-techniques | |
|---|---|---|---|
| Stars | 3,728 | 3,664 | 4,590 |
| Language | PowerShell | PowerShell | PowerShell |
| Setup difficulty | easy | moderate | hard |
| Complexity | 1/5 | 4/5 | 4/5 |
| Audience | ops devops | ops devops | developer |
Figures from each repo's GitHub metadata at analysis time.
This repository is a cheat sheet for people studying for the OSCP certification, which stands for Offensive Security Certified Professional. OSCP is a hands-on penetration testing certification where candidates must break into a set of machines within a time limit. The cheat sheet collects the commands and techniques needed to do that work quickly under exam pressure. Penetration testing is the practice of probing computer systems for security weaknesses, with permission, to find problems before attackers do. The OSCP exam tests this skill in a controlled lab environment. Candidates need to know how to scan networks, find vulnerabilities in web applications and databases, crack passwords, exploit known flaws in software, and then move deeper into a system after getting initial access. This repo organizes all of that into one place. The content is grouped into broad categories: information gathering, web application analysis, database assessment, password attacks, exploitation tools, and post-exploitation. Within each category there are subsections for specific tools and techniques, with exact commands ready to copy and use. The post-exploitation section is notably large and covers Windows Active Directory environments in detail, including attacks on certificate services and Kerberos authentication, which are areas the OSCP exam has expanded into with its newer OSCP+ variant. The author includes an important note about exam rules: some automated tools like sqlmap are not permitted during the OSCP exam, and readers are advised to check the official exam guide themselves before relying on any tool listed here. The cheat sheet is a reference, not a guaranteed exam strategy. The repository is actively maintained and updated as the certification evolves. It is aimed at security professionals and students, not general-purpose software developers. The full README is longer than what was shown.
A comprehensive command-and-technique cheat sheet for the OSCP penetration testing certification, organized by category including network scanning, web exploits, password attacks, post-exploitation, and Windows Active Directory attacks.
Mainly PowerShell. The stack also includes PowerShell, Bash.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.