If you discover a subnet, host, target, or system that has a public IP address (one not included in the RFC 1918 scope) you should reach out to the client to discuss.  In general, public IP addresses will not be in scope for the test, beyond OSINT and discovery, and should not be the target of testing. 


CPTC creates private networks for the testing and competition to occur, attacks and techniques run