explaingit

0xsyr0/oscp

Analysis updated 2026-07-03

3,728PowerShellAudience · ops devopsComplexity · 1/5Setup · easy

TLDR

A comprehensive command-and-technique cheat sheet for the OSCP penetration testing certification, organized by category including network scanning, web exploits, password attacks, post-exploitation, and Windows Active Directory attacks.

Mindmap

mindmap
  root((OSCP Cheat Sheet))
    Reconnaissance
      Network scanning
      Web enumeration
    Web Attacks
      App analysis
      Database testing
    Exploitation
      Password attacks
      Known vulnerabilities
    Post Exploitation
      Windows AD
      Kerberos attacks
      Certificate services
    Study Notes
      Exam tool rules
      OSCP plus content
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Look up exact commands for network scanning, password cracking, or Active Directory attacks while practicing for the OSCP exam.

USE CASE 2

Quickly find the right post-exploitation technique for a compromised Windows machine during a pentest lab session.

USE CASE 3

Study the certificate services and Kerberos attack sections to prepare for the newer OSCP+ exam content.

USE CASE 4

Use as a rapid reference during CTF competitions to find exploitation and privilege escalation commands.

What is it built with?

PowerShellBash

How does it compare?

0xsyr0/oscps3cur3th1ssh1t/winpwnmantvydasb/redteaming-tactics-and-techniques
Stars3,7283,6644,590
LanguagePowerShellPowerShellPowerShell
Setup difficultyeasymoderatehard
Complexity1/54/54/5
Audienceops devopsops devopsdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

In plain English

This repository is a cheat sheet for people studying for the OSCP certification, which stands for Offensive Security Certified Professional. OSCP is a hands-on penetration testing certification where candidates must break into a set of machines within a time limit. The cheat sheet collects the commands and techniques needed to do that work quickly under exam pressure. Penetration testing is the practice of probing computer systems for security weaknesses, with permission, to find problems before attackers do. The OSCP exam tests this skill in a controlled lab environment. Candidates need to know how to scan networks, find vulnerabilities in web applications and databases, crack passwords, exploit known flaws in software, and then move deeper into a system after getting initial access. This repo organizes all of that into one place. The content is grouped into broad categories: information gathering, web application analysis, database assessment, password attacks, exploitation tools, and post-exploitation. Within each category there are subsections for specific tools and techniques, with exact commands ready to copy and use. The post-exploitation section is notably large and covers Windows Active Directory environments in detail, including attacks on certificate services and Kerberos authentication, which are areas the OSCP exam has expanded into with its newer OSCP+ variant. The author includes an important note about exam rules: some automated tools like sqlmap are not permitted during the OSCP exam, and readers are advised to check the official exam guide themselves before relying on any tool listed here. The cheat sheet is a reference, not a guaranteed exam strategy. The repository is actively maintained and updated as the certification evolves. It is aimed at security professionals and students, not general-purpose software developers. The full README is longer than what was shown.

Copy-paste prompts

Prompt 1
I'm practicing for the OSCP exam. Walk me through an initial reconnaissance workflow starting with network scanning and ending with web application enumeration, using commands from the cheat sheet.
Prompt 2
Using the OSCP cheat sheet as a reference, explain the Kerberoasting attack and show me the commands to execute it against a Windows Active Directory environment.
Prompt 3
Help me understand what Active Directory certificate services attacks are and which tools in the OSCP cheat sheet are used to exploit them.
Prompt 4
I have initial access on a Linux machine during an OSCP lab. What are the first post-exploitation steps I should run, using the commands from this cheat sheet?

Frequently asked questions

What is oscp?

A comprehensive command-and-technique cheat sheet for the OSCP penetration testing certification, organized by category including network scanning, web exploits, password attacks, post-exploitation, and Windows Active Directory attacks.

What language is oscp written in?

Mainly PowerShell. The stack also includes PowerShell, Bash.

How hard is oscp to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is oscp for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub 0xsyr0 on gitmyhub

Verify against the repo before relying on details.