Writing an eBook

Writing an eBook

Introduction:

Last blog post I mentioned writing an eBook regarding all of the information I learned from the OSCP course, labs, and exam. I got a solid response from readers, but I wanted to gain permission from Offsec before writing. Hence why it has been a little while! I wrote an introduction for the book, sent it over to them, and they had some reservations. The last thing I want to do is step on their toes, as such, I have decided to not move forward with a book outlining all of the information needed to pass the OSCP. Instead, I am seeking to make this eBook for a more generalized audience regarding Network Penetration Testing. Clearly, as I am an OSCP, this book will contain everything that I know about these different domains, meaning it should still be an awesome tool for the OSCP; just not OSCP specific.

Table of Contents:

Listed below is the general plan for the book’s chapters:

  • Chapter 1: Organizing our Penetration Test with Tmux
  • Chapter 2: Port Scanning
  • Chapter 3: Detailed Port Enumeration
  • Chapter 4: Web Application Enumeration
  • Chapter 5: Generating Shellcode with Msfvenom
  • Chapter 6: Exploitation
  • Chapter 7: Linux Privilege Escalation
  • Chapter 8: Windows Privilege Escalation
  • Chapter 9: Pivoting
  • Chapter 10: Cheat Sheets and Final Tips

 

Thoughts:

I have attempted to layout the table of contents very methodically, in order of what a penetration test would normally consist of. My plans for this book is to be practical. As such, I plan to weave into this book a Windows machine, and a Linux machine, so that I can explain the technique, then show a hands-on usage of the technique in practice. This way, it’ll give both background and hands-on exposure to the technique.

 

Any Recommendations or Thoughts?

Before I carve out a lot of time to do this, I want to hear from everyone in the community to see if (1) People are interested in this book and (2) What do you want to see in this book? I am making this for betterment of the community, and hopefully so that everyone will be able to get the OSCP. It is an awesome cert to have! Let me know what you want in the book, and I’ll make sure it finds its way there!

 

Until next time,

Matt

 

P.S: Signing up for the OSWP Course Today (September 24th) so expect a post or two regarding the OSWP!

 

2 thoughts on “Writing an eBook

  1. Awesome stuff! I definitely intend buy the book when you release it. If you can dig a little on cross compiling exploits that would be great. Or basically best practices to build an exploit on machines which don’t have the correct compilers.

  2. Congrats for becoming an OSCP. I am pursuing the same dream and your articles are being a great inspiration.
    I would suggest that you can strongly recommend a standard methodology throughout the life of the book and also emphasize on your preferred style of documentation, in different stages of the testing. This would be a great pointer for beginners like me.

Leave a Reply

Your email address will not be published. Required fields are marked *