Global Collegiate Penetration Testing Competition Industry Resource List

Splunk enthusiasts, cybersecurity professionals, penetration testers, and students–this blog post is for you! 

Penetration testing is a critical component of cybersecurity and essential for protecting businesses and organizations of all sizes. However, penetration testing can be expensive and time-consuming, making it difficult for students and other newcomers to the field to get started. 

The Global Collegiate Penetration Testing Competition was created as a way to promote learning and development in the field of penetration testing. This competition provides aspiring security practitioners with an opportunity to learn from experienced professionals and gain practical, real-world experience while also competing against their peers from around the world. 

CPTC also gives back to the community. One of the ways it does this is by providing public data–among resources we make available–for industry research and other use cases.

We’ve put together a resource list of the best tools and materials to help you leverage all the CPTC has to offer. Whether you’re a seasoned pro or just starting out, we hope you find these CPTC, pentesting, and Splunk resources helpful!

Dataset

• The CPTC Dataset–for 2018 and 2019–is available here
• How to Use the 2019 CPTC Security Dataset in Splunk tutorial by Tom Kopchak

Details & Updates

• Explore the GlobalCPTC website
• Find @globalcptc on Twitter and follow us for updates!
• GlobalCPTC is also on YouTube! Check out our team presentation: CPTC 2020 International Finals Presentation – Rochester Institute of Technology

Infrastructure

• CPTC 2020 Technical Debrief

Insight

• An Inside Look at the Collegiate Penetration Testing Competition podcast featuring Tom Kopchak, Josh Neubecker, and Meredith Kasper with host Heather Terry
• CPTC Review Part 1: The Setup, Part 2: The Ethics, Part 3: The Process, and Part 4: The Data blog series by Tom Kopchak
• Splunking the Hack of a Virtual Hydroelectric Power Plant presentation by Josh Neubecker and Tom Kopchak (Splunk BSides, 2021) 

PowerShell

• How to Use PowerShell Transcription Logs in Splunk tutorial by Tom Kopchak
• Script for PowerShell Logging creation by Tim Ip
• Hunting for Malicious PowerShell using Script Block Logging blog post by the Splunk Threat Research Team
• The Hurricane Labs Add-on for Windows PowerShell Transcript can be found on our Apps page and is available on Splunkbase!

Reports

• Reporting Guidelines for Competitors
• Competition Penetration Testing Redacted Report Copies – Excellent examples of real-world industry approaches to penetration test reporting.

Themes (and Winners!) 

• The Halls of Victory

Until next time! 

With this blog post, we wanted to make sure that industry professionals are aware of all the great resources available through the competition. Whether you’re looking for research data or ways to get involved in the competition as a judge or mentor, we’ve got you covered. If you have any questions about CPTC or Splunk, don’t hesitate to reach out to us on Twitter–we would be happy to help!

In the meantime, sign up for our newsletter–we’ll keep you updated on our latest content and events!