The Collegiate Penetration Testing Competition is a one of a kind cybersecurity competition that trains students to be future consultants by letting them loose on a penetration testing engagement in a realistically simulated business environment. Teams of up to 6 students perform a penetration test against the fictitious business and document the findings in a penetration testing report.
TG:HACK CTF 2020 has been very interesting and intellectually challenging. It made me bang my head on the desk repeatedly in the hopes of numbing the pain of not being able to solve some of the challenges. In the end, I managed to figure out all but the two of the hardest challenges. My writeups are intended to cover the whole process of solving a challenge, so if you don’t want a detailed explanation, just scroll to the payloads.
Less than a year after passing the Security+, I can finally proudly say that I passed CySA+ as well. I set my sights on this exam the same day I passed the Security+ and I focused on studying for it extensively over the past two months. I passed it with 845 out of 900 and was really surprised at how well it went despite the fact that CompTIA recommends you to have 3-4 years of technical experience minimum. I’ve got 0. I have no IT or Security work experience, but what I do have is determination and the will to succeed. If such an underqualified 20 year old could pass this exam thanks to those two things, you can as well. The purpose of this blogpost is to share some of the things I found helpful during my studies for it. I explored a diverse range of study materials and I will tell you which ones worked for me and which ones didn’t.
Security+ is an industry standard certfication that is very popular and held in high regard. CompTIA recommends you to have an Network+ level of knowledge combined with two years of IT administration experience with a focus in Security before you go for this exam, but that is nothing more than a recommendation. You can easily pass this exam with no IT work experience and without a Network+ behind you. I did and so can you. I initially passed this exam in December of 2018, but over time i realized that my tips and tricks were too surface-level, so i rewrote my blogpost entirely with extra information for you. I hope you find it at least remotely useful.