My second attempt at the OSCP begins tomorrow. Yesterday I finished revising my PWK lab report, and today I’ve decided to have some fun in the HackTheBox labs. In part, as always, I hope to learn something new. But mostly, I just want to hack for the joy of it. During my PWK lab time, I felt like I had to focus the beam of my attention on my PWK studies. Having finished my lab time and completed my report, I can finally spend time on my own projects.

I’m still playing around with some of my earlier work, but a new idea has sparked my imagination. No spoilers yet – I want to see if this project goes anywhere before I start talking about it. As a consolation, I will provide a link to a couple (related) projects I find quite useful:

  • GTFOBins: a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions.
  • LOLBAS: a curated list of Windows utilities that can perform useful, sometimes unexpected functions.

One project I can talk about: I’m working on assembling my general pentesting notes into a useful reference guide. As soon as it’s ready, I’ll post more details.

Keep it classy, OOP.