How To Pass OSCP Series: Windows Privilege Escalation Step-by-Step Guide - Softcover

Inhaltsangabe

Overview

This book is the first of a series of How To Pass OSCP books and focus on techniques used in Windows Privilege Escalation.

This is a step-by-step guide that walks you through the whole process of how to escalate privilege in Windows environment using many common techniques. We start by gathering as much information about the target as possible either manually or using automated scripts. Next, we search for misconfigured services or scheduled tasks, insufficient file permission on binaries or services, vulnerable kernel, vulnerable software running with high privileges, sensitive information stored on local files, credential saved in the memory, registry settings that always elevate privileges before executing a binary, hard-coded credential contained in the application configuration files, and many more.

Who this book is for?

If you are a cybersecurity professional who wants to be certified as an Offensive Security Certified Professional (OSCP), then this book is for you. It is also for those who want to learn about offensive security, Windows security and configuration, and penetration testing.

Since everyone's background and experience are different, the author wrote this book in the way that you can pick any chapter that sounds interesting to you and flip to it, rather than starting at the very beginning.

Table of Contents

• Introduction
• Section One: Windows Configuration
  • Chapter 1: AlwaysInstallElevated
• Section Two: Domain Controller
  • Chapter 2: Zerologon
• Section Three: Windows Service
  • Chapter 3: Service - Insecure File Permission
  • Chapter 4: Service - Unquoted Path
  • Chapter 5: Service - Bin Path
  • Chapter 6: Service - Registry
  • Chapter 7: Service - DLL Hijacking
• Section Four: Scheduled Tasks
  • Chapter 8: Scheduled Tasks
• Section Five: Windows Registry
  • Chapter 9: Autorun
  • Chapter 10: Startup Applications
• Section Six: Windows Kernel
  • Chapter 11: Kernel - EternalBlue
  • Chapter 12: Kernel - MS15-051
  • Chapter 13: Kernel - MS14-058
• Section Seven: Potato Exploits
  • Chapter 14: Juicy Potato
  • Chapter 15: Rogue Potato
• Section Eight: Password Mining
  • Chapter 16: Password Mining - Memory
  • Chapter 17: Password Mining - Registry
  • Chapter 18: Password Mining - SiteList
  • Chapter 19: Password Mining - Unattended
  • Chapter 20: Password Mining - Web.config
• Section Nine: UAC Bypass
  • Chapter 21: User Account Control Bypass

About the author

Alan Wang has over 20 years of experience in IT security and developing standardized methodologies for the enterprise to drive business enabling cybersecurity programs and promote industry standards and risk-based investments to maximize business opportunity and minimize risk. He created a Digital Risk platform that enables enterprises across industries to manage business and cyber risks based on a foundation of good governance as well as risk optimization. Throughout his career, he also conducts and directs information security risk assessment efforts as well as provides risk assessment expertise on complex systems. For more information, please visit www.howtopassoscp.com.

Die Inhaltsangabe kann sich auf eine andere Ausgabe dieses Titels beziehen.