Hello everyone! I am very happy to share that I have achieved the Certified Red Team Professional certification. Here is my review of it.
Certified Red Team Professional
Introduction:
Altered Security’s Certified Red Team Professional (CRTP) is a beginner-friendly, hands-on red team certification. It is one of the most popular beginner red team certifications. A certification holder has the skills to understand and assess the security of an enterprise Active Directory environment.
Motivation
Being a backend developer, slowly everyone will move to a System Administrator role. And when you work as a System Administrator, it’s very common to do security work. When 95% of enterprises use Active Directory, this certification is a must. So I decided to take this certification. If you want to start your career in Red Teaming, this certification is a good start. More on this later; first, let me give an introduction to the course and the certification exam.
Here is the basic lab architecture offered in this course.
The Course Design
The course has been designed for beginners, but you should have prior knowledge of PowerShell and a basic understanding of Active Directory. These two will definitely help you throughout your journey.
The whole course has been designed by Nikhil Mittal, and I must say he has done a fantastic job. There are two options for doing the certification: either you can enroll in a Bootcamp, in which Nikhil will give live online classes, or you can buy the pre-recorded class from here.
The course is divided into four segments.
- Introduction to Active Directory, Enumeration and Local Privilege Escalation
- Lateral Movement, Domain Privilege Escalation and Persistence
- Domain Persistence, Dominance and Escalation to Enterprise Admins
- Defenses, Monitoring and Bypassing Defenses
The basic design of the course lab will be very similar to this.
Knowledge Base & Attack Surface
The main target in any Active Directory environment is to become domain admin. The lab is designed in a way that you have to go step by step, exploiting every machine, and finally become domain admin. The lab covers red teaming Active Directory with BloodHound for privilege escalation and lateral movement. Here is the basic look of the attack surface.
BloodHound
The most helpful tool will be BloodHound. It will help you to map the Active Directory environment graphically. This will give you an overview of the whole attack path.
Most of the tools are provided along with the course. Some tools will not work as intended, but not to worry: you can download the latest version from GitHub. In my case, I had to use the latest version of Rubeus during the exam.
Mimikatz
The most effective tool for moving ahead in the lab. You can learn more about Mimikatz from here.
PowerShell
Here is a great course recommended for PowerShell.
Exam Tips
Here are some exam tips to grab the certification.
Mindset
- Always try the practice labs as if you are taking the real exam. Your confidence will increase and you will know the areas in which you need to work. The 24 hours are enough to complete the exam lab.
Timing & Surrounding
- Always start the exam when you feel energetic and fresh-minded. Prepare electricity and internet backup before the exam.
Tools
- Do not copy all the tools to the student VM at once. Only copy those which you are going to use. It is recommended to run BloodHound on your local computer, as running BloodHound in the student VM can make your VM slow.