Collegiate Pentesting Competition

This weekend I competed in the Collegiate Penetration Testing Competition (CPTC) with a team of other Northeastern cybersecurity students. This was my first time engaging in offensive security, and I spent a lot of time preparing. I read both Learn Penetration Testing and Penetration Testing: A Survival Guide, practiced on Hack the Box and VulnHub, and messed around with all the different tools out there.

This year, we were penetration testing consultants for an airport. The competition itself was 8 hours, with 7 hours allotted afterwards to write up our findings. Eight of us crammed into a single hotel room and typed away until 3am. CPTC placed a strong emphasis on the importance of communication, especially in the context of report writing. Even if your technical findings are significant, they become much less meaningful if you can’t convey it to the appropriate audience. You can read our report here

Although we didn’t advance to nationals, this experience pushed me to explore offensive security more and offered the rare opportunity to test my skills on real infrastructure.