OSINT
OSINT, or open-source intelligence, is the first step of your pentest for CPTC.
This involves doing passive reconnaissance of the company that you've been hired to pentest.
- Note that brute-force enumeration of websites may get your team warned and/or potentially disqualified.
All information about the company is produced by the CPTC world team and is slowly published online as the competition gets closer. This means your team should be constantly reviewing previous discoveries and looking for more.
- In past years, teams have recorded their OSINT with Maltego, which can make things easier to keep track of and can also help with describing OSINT in a report.
I have a (partially redacted) set of slides on OSINT basics that covers tools and techniques that may be useful to you: UFSIT OSINT Slides