LainKusanagi认为类似OSCP的靶机列表
为什么翻译这个表格?
这篇文档是这个表格整理和翻译https://docs.google.com/spreadsheets/d/18weuz_Eeynr6sXFQ87Cd5F0slOj9Z6rt/
因为我想尽快拿下OSCP (年底之前),同时给想考这个证书的师傅提供一点帮助,
just do it
下面所有的"我"指的是"LainKusanagi",并非笔者
LainKusanagi是谁?
-在参加PEN 200课程之前和期间,以及在第一次尝试失败后,我在多个黑客平台上完成了多台机器。 -我完成了所有的PEN 200课程,以及2023年版PEN 200中引入的所有挑战实验室(包括其他人跳过的挑战实验室网络)。 -我第一次尝试以60分失败,然后以90分通过了第二次尝试。我在每次尝试中都经历了完全不同的考试。 -在我的learn-one订阅结束之前,我还完成了2024年10月添加的挑战实验室。 -所有这些经历让我很好地了解了什么是OffSec风格的盒子,以及考试中需要了解的重要内容 有反馈或建议吗?请在此处告诉我: https://x.com/unknownseeker99 https://www.linkedin.com/in/luis-moret-4a42ab246/ https://www.reddit.com/user/JosefumiKafka/
这个文档里面的表格是什么?
-这是我认为在参加PEN 200课程、挑战实验室和OSCP考试之前适合练习的机器列表,但这并不能代替实际课程,我建议你在尝试考试之前完成所有课程、练习和挑战。 -之所以选择此列表中的机器,是因为它们要么教授课程和实验室中发现的重要技术和概念,要么与offec制造的机器风格相似,要么在某种程度上对帮助我发展方法论和通过考试至关重要。 -这个列表与著名的TJ Null列表有很多重叠,但它也过滤掉了可能超出PEN 200和OSCP考试范围的框,包括来自其他黑客平台(如Tryhackme和VirtualHackingLabs)的框,我仍然在这个列表中添加了一些可能比OSCP更难的元素,但我相信值得一做,因为它们可能还有一些其他方面需要了解和练习
关于假设违规广告,您可能需要了解的内容:https://www.reddit.com/r/oscp/comments/1f5ojaq/assumed_breach_ad_what_you_may_need_to_know/
Hackthebox
‘在这里开始学习更加努力。不要完全跳过hackthebox——有些盒子有重要的概念,即使在SNMP和Keepass这样的PG实践中也很少见——AD盒子也是很好的实践,即使在某些方面比OSCP更难。至少观看ippsec视频并做笔记
| Linux | Windows | Active Directory and Networks |
|---|---|---|
| Sea | Jerry | Active |
| Nibbles | Netmon | Forest |
| Solidstate | Servmon | Sauna |
| Poison | Chatterbox | Monteverde |
| Knife | Jeeves | Timelapse |
| Sunday | Sniper | Flight |
| Keeper | Querier | Return |
| Pilgrimage | Giddy | Blackfield |
| Cozyhosting | Bounty | Cicada |
| Codify | Artic | Escape |
| Tartarsauce | Remote | |
| Jarvis | Buff | Assumed Breach Scenarios: |
| Tabby | Love | Administrator |
| Usage | Secnotes | EscapeTwo |
| Mentor | Access | Certified (harder) |
| Devvortex | Mailing | |
| Irked | Heist | ProLabs: |
| Popcorn | Dante | |
| Bashed | Zephyr (harder) | |
| Broker | ||
| Analytics | ||
| Networked | ||
| UpDown | ||
| Swagshop | ||
| Nineveh | ||
| Pandora | ||
| OpenAdmin | ||
| Precious | ||
| Busqueda | ||
| Monitored | ||
| BoardLight | ||
| Magic | ||
| Help | ||
| Editorial | ||
| Builder | ||
| Linkvortex | ||
| UnderPass |
Tryhackme
’对于一些房间来说,这是一种更有指导性和友好性的方法,但对于准备来说,这仍然是一种很好的方法。这里的Active Directory是OSCP的很好的实践。
| Linux | Windows | Active Directory and Networks | Other recommended rooms |
|---|---|---|---|
| Mr Robot | Steel Mountain | Attacktive Directory | SQL Injection Lab |
| Thompson | Year of the Owl | Attacking Kerberos | Linux Privilege Escalation |
| Kenobi | Retro | Wreath Network | Windows Privilege Escalation |
| GameZone | Alfred | Reset | Git Happens |
| Skynet | Relevant | Vulnnet: Active | NahamStore |
| Daily bugle | Blueprint | Enterprise | |
| Lazy admin | Hackpark | ||
| Tomghost | Weasel | Assumed Breach Scenarios: | Recommended paths |
| Rootme | AllSignsPoint2Pwnage | Corp | Cyber Security 101 |
| CMesS | Anthem | Lateral Movement and Pivoting | Jr Penetration Tester |
| Ultratech | Hack Smarter Security (harder) | Exploiting Active Directory | Offensive Pentesting |
| Internal | Cyberlens | ||
| Zeno | |||
| Boiler CTF | |||
| Wonderland | |||
| Silver Platter |
Proving Grounds Practice
真正的OSCP类盒子,这只是一个列表,其中包含了最佳实践,并删除了过于复杂、超出范围的盒子,以及TJNull列表中主要用于OSEP和OSED(例如京都和奈良)的盒子,并添加了一些新的盒子
| Linux | Windows | Windows Active Directory |
|---|---|---|
| ClamAV | Kevin | Access |
| Pelican | Internal | Resourced |
| Payday | Algernon | Nagoya |
| Snookums | Jacko | Hokkaido (Retired it seems) |
| Bratarina | Craft | Hutch |
| Pebbles | Squid | Vault |
| Nibbles | Nickel | |
| Hetemit | MedJed | |
| ZenPhoto | Billyboss | |
| Nukem | Shenzi | |
| Cockpit | AuthBy | |
| Clue | Slort | |
| Extplorer | Hepet | |
| Postfish | DVR4 | |
| Hawat | ||
| Walla | ||
| PC | ||
| Apex | ||
| Sorcerer | ||
| Sybaris | ||
| Peppo | ||
| Hunit | ||
| Readys | ||
| Astronaut | ||
| Bullybox | ||
| Marketing | ||
| Exfiltrated | ||
| Fanatastic | ||
| QuackerJack | ||
| Wombo | ||
| Flu | ||
| Roquefort | ||
| Levram | ||
| Mzeeav | ||
| LaVita | ||
| Xposedapi | ||
| Zipper | ||
| Ochima | ||
| Fired | ||
| Scrutiny | ||
| SPX | ||
| Vmdak | ||
| Mantis | ||
| BitForge | ||
| WallpaperHub |
Virtual Hacking Labs
| Linux | Windows |
|---|---|
| Techblog | Steven |
| Backupadmin V2 | Aaron |
| Web01-Dev V2 | Anthony |
| Web01-Prd V2 | Jennifer |
| Forum | WinAS01 |
| Quick | AS45 |
| Tiki | Trace |
| Helpdesk V2 | React |
| VPS1723 V2 | |
| CMS02 V2 | |
| Records | |
| Trails | |
| Dolphin V2 | |
| Crash | |
| Natural | |
| Mantis | |
| Fed V2 | |
| CMS01 | |
| Tracking | |
| JS01 | |
| PBX | |
| Code V2 | |
| Teamspeak | |
| CMS101 | |
| FW01 | |
| Core | |
| Websrv01 | |
| Mon02 | |
| Graphs01 | |
| PM V2 | |
| Tracker |
Proving Grounds Play
大多数盒子来自vulnhub,由offsec免费托管
| Linux |
|---|
| Amaterasu |
| Loly |
| Potato |
| Stapler |
| BBScute |
| Gaara |
| Blogger |
| FunboxEasyEnum |
VulnLab
具有真实场景的平台,非常适合学习Windows和AD开发。
| Linux | Windows | Active Directory and Networks |
|---|---|---|
| Sync | Escape | Baby |
| Data | Job | Baby2 |
| Build | Job2 | Breach |
| Forgotten | Lock | Sweep |
| Bamboo | Sendai | |
| Chains: | ||
| Trusted | ||
| Reflection | ||
| Hybrid | ||
| Lustrous | ||
| Assumed Breach Scenarios: | ||
| Heron (Chain) | ||
Comments NOTHING