Offensive Security Pathway - Level 5 Of 6

Offensive Security Major (OSM) - Sharpen your technical hacking skills

What you'll learn

Master the art of professional penetration test documentation and reporting for clients and stakeholders.

Implement advanced persistence techniques for both Windows (e.g., Scheduled Tasks, registry hacks) and Linux (e.g., CRON jobs, SSH misconfigurations) systems.

Learn pivoting and lateral movement strategies to navigate and exploit compromised networks.

Understand the fundamentals of cloud security and exploit common vulnerabilities in cloud environments.

Dive into Azure hacking, learning to exploit misconfigurations in Azure AD and IAM for access.

Develop your skills in exploit development, focusing on discovering and leveraging buffer overflow vulnerabilities.

And more…

Requirements

Intermediate - Advanced Course! This course is designed for those with intermediate hacking skills. To get the most out of it, you should have a solid foundation in ethical hacking or have completed Levels 1-4. If you're ready to push your skills further, this is the perfect next step!

Description

In Level 5, Offensive Security Major (OSM), you’ll sharpen your technical skills with advanced persistence techniques and move toward mastering the art of post-exploitation. Whether on Windows or Linux, this module teaches you how to maintain control over compromised systems long after the initial breach. You’ll learn persistence tactics like manipulating Windows Scheduled Tasks, registry hacks, or hijacking CRON jobs and SSH misconfigurations in Linux.Understanding how to move through a compromised network is critical, and this course covers pivoting and lateral movement strategies, allowing you to expand access and explore other machines in the network undetected. You'll also explore cloud environments, with a focus on Azure, learning how to exploit misconfigurations in Azure AD.Documentation and reporting are vital skills for any penetration tester. You'll learn how to compile findings, write comprehensive reports, and present professional-grade documentation to stakeholders. Finally, the course introduces buffer overflows, a foundational skill for exploit development. You’ll discover vulnerabilities in both Linux and Windows environments and develop exploits to take advantage of buffer overflows.By the end of this chapter, you’ll be equipped with the techniques necessary for long-term persistence, network navigation, and cloud-based exploitation, positioning yourself as a key player in offensive security operations.SyllabusDocumentation & Reporting: How to properly document vulnerabilities and write professional penetration test reports for clients and stakeholders.Advanced Windows Persistence Techniques: Techniques to maintain access to compromised systems, including Windows Scheduled Tasks, registry hacks, and hidden users.Advanced Linux Persistence Techniques: Techniques to maintain access to compromised systems, including SSH Authorized Keys, Scheduled Tasks (CRON), Shell misconfiguration and Dynamic Linker Hijacking.Data Exfiltration Techniques: Learn different techniques to exfiltrate data from systems.Pivoting / Lateral Movement: How to move within a compromised network using pivoting and lateral movement strategies to expand access.Introduction to Cloud Exploitation: Fundamentals of cloud security and how to exploit common vulnerabilities in cloud environments.Hacking Azure: Techniques specific to exploiting Azure infrastructure, including misconfigurations in Azure AD and IAM.Buffer Overflows: Exploit development focusing on discovering and exploiting buffer overflow vulnerabilities in both Linux and Windows environments.

Overview

Section 1: Introductie

Lecture 1 5.1 Intro

Lecture 2 5.2 Course Content

Lecture 3 5.3 Advanced Persistence Techniques - Windows

Lecture 4 5.4 Advanced Persistence Techniques - Linux

Lecture 5 5.5 Data Exfiltration Techniques

Lecture 6 5.6 Pivotting

Lecture 7 5.7 Buffer Overflows

Lecture 8 5.8 Cloud Exploitation - General Concepts and Azure Concepts

Lecture 9 5.9 Cloud Exploitation - Azure Enumeration and gaining credentials

Lecture 10 5.10 Cloud Exploitation - Azure Persistence

Lecture 11 5.11 Documentation and Reporting

Lecture 12 5.12 Wrapping Up

Penetration testers aiming to improve their reporting and documentation skills for professional engagements.,Security professionals seeking advanced persistence and exploitation techniques in Windows and Linux environments.,Ethical hackers wanting to understand how to exploit and navigate compromised cloud infrastructures, including Azure.,Red team operators focused on pivoting, lateral movement, and network expansion techniques.,Cybersecurity professionals interested in learning buffer overflow exploitation for both Linux and Windows systems.