From AWAE to OSWE: The Preperation Guide

5. August 2019


As promised on Twitter this post will document my steps through the OSWE exam preperation.

Searching for available study material

After some google action i found some useful stuff

  • AWAE-PREP – GitHub Repo
    A lot of trainings, courses and other random stuff for the AWAE preperation.
  • OSWE – GitHub Repo
    Additionall sources about the vulnerabilites and exploits within the AWAE course material.
  • OSWE Preperation – YouTube Playlist
    I found a lot of interesting videos about Deserialization (important topic!), so i created a small playlist on my YouTube Channel.

Step 1: The Plan

I decided to follow the training order mentioned in AWAE-PREP because it seemed logical considering the AWAE course material.

Step 2: Start


I started with the Javascript for Pentesters course on Pentester Academy. I learned some useful stuff to create even more customized XSS Payloads with fancy functions xD. Some examples are Multi-Level JSON/XML/HTML Parsing, CSRF Token Manipulation, Posting/ Fetching XMLhttpRequests or Stealing data from fields with autocomplete.


I also ordered a awesome book about SQLi. So far i have only read 50 pages but i highly recommend this one! You will learn the very basics of most SQLi vectors and sharpen your skills for more sophisticated attacks! I will add more information when reading further 😉

Random Stuff


This post will frequently be updated, so watch my Twitter Feed or visit this page again 😉
As always, every feedback is very welcome (please via Twitter)!

Ähnliche Beiträge

After gaining my OSCP in June i decided to go deeper into exploitDev and shellcoding. And here we are, this [...]

9. Oktober 2017

Welcome back to my second post for the SLAE certification. Today we are going to build a reverse_shell shellcode and [...]

9. Oktober 2017

Ready for the next level? – Method to exploit software even with small space for shellcode: EggHunting The third task [...]

9. Oktober 2017

Hey ho, it’s time for some low-level shellcode encoding. After going through the encoder examples of the SLAE material i [...]

9. Oktober 2017