Welcome
This hackbook is a WIP source of truth for me as I go for my OSCP certification. My plan here is to document methodology used to exploit the full kill chain, include references to tools and their syntax.
MITRE ATT&CK
The MITRE ATT&CK framework is a matrix and knowledge base of adversary tactics and techniques. The current version, v19, was released on Apr 28, 2026. It introduced a major change, with the Defense Evasion tactic being split into Stealth and Defense Impairment.
The MITRE ATT&CK framework also serves as a sort of killchain, documenting specific techniques as it progresses across the complete killchain.
This Site
I have seen other sites, such as HackTricks create a similar source of truth for offense security techniques. My goal with this one is to align such methodologies directly with the MITRE ATT&CK as I become familiar with them. This site may not have every technique in the matrix, but as I learn specific methodology I will tie it to those specific techniques. It also will serve as a compendium of notes from related offensive security courses I have taken.
OSCP Restrictions
Some of the commands listed here are general commands that I have used in various CTFs / labs. Some of these tools are forbidden for use in the actual OSCP exam. Those tools are documented here:
- Spoofing (IP, ARP, DNS, NBNS, etc)
- Commercial tools or services (Metasploit Pro, Burp Pro, etc.)
- Automatic exploitation tools (e.g. db_autopwn, browser_autopwn, SQLmap, SQLninja etc.)
- Mass vulnerability scanners (e.g. Nessus, NeXpose, OpenVAS, Canvas, Core Impact, SAINT, etc.)
- AI Chatbots (OffSec KAI, ChatGPT, YouChat, etc.)
- Features in other tools that utilize either forbidden or restricted exam limitations
- Metasploit is restricted to only auxiliary, explopuit and post against one target machine