Certified Red Team Professional

My take on the Certified Red Team Professional (CRTP) certification offered by Pentester Academy.

What is CRTP?

CRTP is a certification offered by Pentester Academy that focuses on attacking and defending Active Directory. The certification course is designed and taught by Nikhil Mittal, who is an excellent infosec professional and has developed multiple open-source tools. Nikhil has also presented his research on infosec and red teaming at various conferences around the globe.

He blogs regularly at http://www.labofapenetrationtester.com

Why should I take CRTP?

This certification is made for people who are curious about red teaming and Active Directory security.

Unlike other certifications, CRTP teaches everything with an assume-breach methodology, where an attacker has an initial foothold inside an Active Directory environment and wants to move laterally to attain the highest privilege in an organization. As a defender, you will learn how attackers move laterally and attain these privileges, so that these situations can be avoided and the Active Directory environment safeguarded.

Another thing that makes this certificate unique is that it teaches everything in a fully patched and updated environment, where you will be using only insecure configurations and administrative mistakes to complete your objectives.

Who can take CRTP?

I feel that the course content is beginner-friendly. Anyone who has basic pentesting knowledge and understands concepts like reverse shells, privilege escalation, lateral movement, etc. can directly opt for CRTP.

Lab and Training materials

After registering for CRTP, you will be given a VPN config along with RDP credentials, which are used to access the labs. I opted for the one-month lab, which cost me around $300. The lab is an Active Directory environment where one can practice multiple challenges and attack vectors in the context of Active Directory and Windows security. The training material consists of videos and slides that demonstrate techniques such as privilege escalation, lateral movement, bypassing security measures and persistence. It also demonstrates how to safeguard an Active Directory environment. The training material also includes multiple objectives, which are fun to practice inside the lab environment. The author has also created walkthrough videos for every objective, which is helpful in case you are stuck on any of the lab objectives. The course content is very informative and beginner-friendly. It has helped me extensively during my penetration testing and red team projects later on.

Examination

I took the examination on 9th August 2019 and was provided with a VPN config which I used to connect to my rescue box, a domain-joined Windows machine. I was given the objective to get OS command execution on 5 machines spread across the domain within 24 hours using the rescue box.

I completed all my objectives and submitted a detailed report within 14 hours. The support team quickly acknowledged that they had received the report and would be sending the result in 48 hours.

Please note that even if you cannot compromise all the boxes, it is still possible to clear the exam if your report is of top quality.

The next morning I received a mail stating that I had cleared the examination. They even announced the same on Twitter. *yaaaay* 🚬🍻

My thoughts on CRTP

This course helped me in learning and practicing a lot of different techniques, which is bound to help me in my future endeavors. I believe anyone who has prior experience with Active Directory pentesting or has gone through the course material thoroughly can clear this exam easily.

My next goal is to clear CRTE, which is an advanced version of this course.

Below are a few of the interesting things you get to learn during this course.

  • Users, Policies, ACL, etc

  • Hunting local admins.

  • Session enumeration.

  • Delegations.

  • Trusts.

Read more about this here.
