Certified Red Team Professional (CRTP)

About This Course

If you’re looking to learn the tradecraft of adversary simulation operations in enterprise environments, sharpen your offensive technical skillset, and understand how to detect modern offensive tradecraft, Certified Red Team Professional (CRTP) is for you.

The course focuses on “offense-in-depth”, the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.

Course Duration:

5 Days

CRTP immerses students in a single simulated enterprise environment, with multiple VMs, up-to-date and patched operating systems, and defenses. In keeping with the assumed breach mentality, the course provides detailed attacker tradecraft post initial access, which includes performing host situational awareness and "safety checks", escalating privileges locally, breaking out of the beachhead, performing advanced lateral movement, escalating in Active Directory, performing advanced Kerberos attacks, and achieving red team objectives via data mining and exfiltration.

  • Understand the MITRE ATT&CK Framework with details on techniques, tactics, and procedures (TTP) commonly used by threat actors, as this can be used as a reference during Red Teaming
  • Understand the MITRE ATT&CK Framework and be able to identify attacker techniques, tactics, and procedures (TTP) in order to investigate indicators of compromise (IOCs) and provide automated / manual responses to eliminate the attack/incident
  • Understand the core concepts of adversary simulation, command & control, and how to plan an engagement
  • Learn about each stage of the attack lifecycle from initial compromise to full domain takeover, data hunting, and data exfiltration.
  • Learn to mimic the offensive hacker mindset, think outside the box, and come up with new attack vectors and approaches.
  • Perform post-exploitation tasks such as host and network reconnaissance, pivoting to n-tiered networks, and establishing persistence.
  • Perform Active Directory attacks such as Kerberoasting and ASREP, abuse unconstrained delegation, exploit insecure ACLs, and move laterally across a Windows estate.
  • Perform a comprehensive red team operation penetration test, from reconnaissance to establishing a foothold and maintaining a covert presence.

Module 1 : Introduction to Red Teaming and Understanding of Attack DNA

  • Introduction to Red teaming
  • Role of red team in organizational security programs
  • Red team vs. blue team
  • Red team assessment phases
  • Red teaming methodology
  • Planning red team operations
  • Attack Lab Infrastructure
  • Threat Intelligence: Frameworks, Platforms, and Feeds
  • What is MITRE ATT&CK Framework?
  • Tactics, Techniques and Procedures (TTP)
  • Indicators of Compromise (IoC) and Indicators of Attack (IoA)
  • Mapping to ATT&CK from Raw Data : 2 Hands-on Labs on Real world attack logs

Module 2 : Host Exploitation : Windows & Linux

35 Hands-on Exercises on the following 4 Real world scenarios without any automated exploitation tools:

  • Microsoft Windows Server exploitation with persistence
  • Web Application and FTP exploitation together with Linux privilege escalation, brute force, hash cracking, shell injection, process snooping, c&c communication and many more
  • Content Management System and LFI Exploitation together with GTFOBins Privilege Escalation, network file share enumerations, c&c communication and many more
  • Jenkins Open-Source Server Exploitation together with Windows Privilege Escalation, network traffic pivoting, c&c communication and many more
  • Host Exploitation on Windows and Linux Operating Systems

Module 3 : Active Directory Exploitation

Most enterprise networks today are managed using Windows Active Directory, and identity-based exploitation is the low-hanging fruit for hackers to gain access to servers, perform lateral movement, and exfiltrate data from critical systems, as we have seen in many high-profile incidents in ASEAN like SingHealth. This module simulates a real-world attack that starts with a non-admin user account in the domain and shows how hackers work their way up to become an enterprise admin. The focus is on exploiting the variety of overlooked domain features, not just software vulnerabilities, and on establishing that a single machine compromise in an AD environment is enough for an entire organisational compromise.

The following 9 hands-on labs cover AD enumeration, trusts mapping, domain privilege escalation, domain persistence, Kerberos-based attacks (Golden Ticket), ACL issues, SQL Server trusts, defenses, and bypasses of defenses:

  • LLMNR Poisoning
  • SMB Relay with Interactive Shell
  • Gaining Shell
  • IPv6 Attacks
  • Pass the Hash/Password
  • Token Impersonation
  • Kerberoasting attack
  • Golden Ticket Attack

The CRTP examination is certified by the Global ACE Certification. The examination framework is designed to align with a set of relevant Knowledge, Skills and Attitudes (KSA) that are necessary for an Information Security Professional. Candidates will be tested via a combination of either continual assessment (CA), multiple choice questions (MC), theory/underpinning knowledge assessment (UK), practical assessment (PA), assignments (AS) or case studies (CS) as required.

Candidates can take the examination at authorized examination centres in participating scheme member countries. Candidates who have successfully passed the CRTP examination will be eligible to apply as an associate or professional member by fulfilling the membership criteria defined under the Global ACE Certification.

Free Add-on : Free Membership access to CYBERTRON Cybersecurity Collaboration & Community Skills Validation Platform

Exam Platform : CYBERTRON

Exam Format : 2 Hours Capture the Flag style Hands-on Exam

Exam Pass Mark : 70% (Minimum 7 Flags to be captured)

Exam Fees : Inclusive in the Course Fees


Truly Inspiring & well-conducted

I gained various technical skills that now assist me in my day-to-day job in the cybersecurity field.

Hands-on Labs with latest tools

Very beneficial as the course taught me security from a hacker's perspective and I learnt how to defend

Trainer was patient and knowledgeable

Taking this course was a stepping stone and I'm very pleased with the learning based on latest attacks and vulnerabilities

Frequently Asked Questions

Who are the target audiences for this course?
Red Teamers, Bug Bounty Hunters, Security Analysts, Vulnerability Assessors, Penetration Testers, IT Security Professionals, Security Consultants, Blue Team members, Defenders, Forensic Analysts, and anyone who wants to learn the offensive side of Cyber Security.
Where can I get the Course Schedule?
Reach out to us via our Contact Us page with details of your location and the course you are interested in. We will find the nearest training partner to assist you with an F2F / online class.
Is it necessary to take the exam on the 5th day?
The exam voucher is valid for 6 months, so you can take the exam within 6 months from your course date. We recommend that you take the exam at the earliest.
With this 5-day course, will I become a professional?
A professional in 5 days is just a marketing gimmick. We get you started with the right knowledge and assist you through the process of achieving professionalism after the class with mentoring and guidance through our Community Ecosystem platform, CYBERTRON.