Pentesting

How to Pentest

There are a ton of resources for learning. My favorite is TryHackMe, which is a cyberrange that plenty of rooms that will walk you through the entire process of an exercise and has more that will challenge you to do it on your own.

• For a more complete list of resources, take a look at the one on my GitHub: https://github.com/Adamkadaban/CTFs#resources

If you want to get serious about pentesting, I think the Practical Ethical Hacking Course by Heath Adams is amazing. You can pay for the course on the TCM security website or can get slightly older versions for free on YouTube, and sometimes on Udemy. This course aligns with a certification called the PNPT that, in my opinion, is much better than the OSCP while being much cheaper.

How to Practice for CPTC

Of course, cyberranges like HackTheBox, TryHackMe, and VulnHub are great for general practice and will build on your skills well.

As of 2023, CPTC has included Cloud (AWS) in its environment. Cloudfoxable is a fantastic resource for practicing here.

However, if you and your team want more CPTC-specific practice, the CPTC VM images are available online: http://cptc.rit.edu/