CERTIFIED RED TEAM PROFESSIONAL (CRTP)

CERTIFIED RED TEAM PROFESSIONAL (CRTP)

Summary

Location

Location

Malaysia

Duration

Duration

5 Days
Format

Format

Public Class

Public Class

Red Team Certification: Mastering the Art of Cyber Offense

Unleash Your Cybersecurity Skills with Certified Red Team Professional (CRTP)

Are you ready to take your cybersecurity expertise to the next level? Dive deep into the world of cyber offense with our Certified Red Team Professional (CRTP) certification. This dynamic program is your ticket to becoming a master of the offensive side of cybersecurity.

Unlock the World of Cyber Offense

In the ever-evolving landscape of digital security, mastering the techniques employed by threat actors is essential. Our CRTP certification is your gateway to understanding the MITRE ATT&CK Framework, adversary simulation, command and control, and the entire attack lifecycle. You’ll learn to think like an offensive hacker, discovering new attack vectors and approaches to compromise systems.

Hands-On, Real-World Experience

Our training offers a hands-on approach, equipping you with the skills to plan and execute red team operations effectively. Explore host exploitation on Windows and Linux, delve into Active Directory exploitation, and grasp the intricacies of domain privilege escalation. With 35 hands-on exercises, you’ll be well-prepared to tackle real-world scenarios without relying on automated tools.

Join the Elite

The CRTP certification is your ticket to becoming part of the elite cybersecurity professionals who understand the art of cyber offense. Whether you’re a Red Teamer, Bug Bounty Hunter, Security Analyst, or simply passionate about cybersecurity, this certification will empower you to excel in the fast-paced world of digital security.

Take the leap and earn your Red Team Certification with us. Gain the knowledge, skills, and confidence to secure your organization against even the most determined adversaries. Join us in the fight against cyber threats and emerge as a Certified Red Team Professional, ready to face any challenge in the world of cybersecurity.

Course Details

Duration: 5 days; /35 hours; Instructor-led/ remote online training

Audience

  • Red Teamers
  • Bug Bounty Hunters
  • Security Analysts
  • Vulnerability Assessors
  • Penetration Testers
  • IT Security Professionals
  • Security Consultants
  • Blue Team members, Defenders, and Forensic Analyst
  • Anyone who wants to learn the Offensive side of Cyber Security

Prerequisites

  • Cybertronium Certified Penetration Tester or other Pentest certifications

OR

  • A thorough understanding of Penetration Tests and Security Assessments
  • Networking Basics
  • Understanding & Navigating Different OSes like Windows, Linux
  • Prior knowledge on OWASP TOP 10
  • Knowledge of Active Directory

Methodology

This program will be conducted with interactive lectures, PowerPoint presentation, discussion and practical exercise.

Course Objectives

  • Understand the MITRE ATT&CK Framework with details on techniques, tactics, and procedures (TTP) commonly used by threat actors as this can be used as a reference during Red Teaming.
  • Understand the core concepts of adversary simulation, command & control, and how to plan an engagement.
  • Learn about each stage of the attack lifecycle from initial compromise to full domain takeover, data hunting, and data exfiltration.
  • Gain insight in to planning and conducting a red team operation including all the steps required to perform efficient opensource intelligence, design and automate the deployment of operational infrastructure, gain initial access and perform post-exploitation and lateral movement.
  • Learn to mimic the offensive hacker mindset and think outside the box and come up with new attack vectors and approaches
  • Learn Enumerate the target objective and attempt to compromise the critical system in scope for the Red Team. This will include multiple levels of privilege escalation and lateral movement in order to gain access to the objective system.
  • Thoroughly understand and apply a variety of passive and active intelligence-gathering techniques
  • Discover and leverage vulnerabilities towards take over and data breach
  • Able to enter a target infrastructure using various covert and overt methods
  • Able to Test and evade all types of security control types
  • Perform a comprehensive red team operation penetration test, from reconnaissance to establishing a foothold and maintaining a covert presence.
  • Perform post-exploitation tasks such as host and network reconnaissance, Pivot to n-tiered networks, and establish persistence.
  • Perform Active Directory attacks such as kerberoasting, ASREP, abuse unconstrained delegation and exploit insecure ACLs, and move laterally across a Windows estate.
  • Able to use MITRE ATT&CK techniques, tactics, and procedures (TTP) to plan and execute a red team operation.

Outlines

  • Introduction to Red teaming
  • Role of red team in organizational security programs
  • Red team vs. blue team
  • Red team assessment phases
  • Red teaming methodology
  • Planning red team operations
  • Attack Lab Infrastructure
  • Threat Intelligence: Frameworks, Platforms, and Feeds
  • What is MITRE ATT&CK Framework?
  • Tactics, Techniques and Procedures (TTP)
  • Indicators of Compromise (IoC) and Indicators of Attack (IoA)
  • Mapping to ATT&CK from Raw Data: 2 Hands-on Labs on Real world attack logs.
  • Host Exploitation on Windows and Linux Operation systems with the following red teaming steps and tons of scenario based hands-on exercises:
    • Reconnaissance (OSINT)
    • Weaponization & Delivery
    • Exploitation
    • Establishing a backdoor (C&C)
    • Installing multiple utilities
    • Privilege escalation, lateral movement, and data exfiltration
    • Maintaining persistence
  • 35 Hands-on Exercises on the following 4 Real world scenarios without any automated exploitation tools:
    • Microsoft Windows Server exploitation with persistence
    • Web Application and FTP exploitation together with Linux privilege escalation, brute force, hash cracking, shell injection, process snooping, c&c communication and many more
    • Content Management System and LFI Exploitation together with GTFOBins Privilege Escalation, network file share enumerations, c&c communication and many more
    • Jenkins Open-Source Server Exploitation together with Windows Privilege Escalation, network traffic pivoting, c&c communication and many more

Most enterprise networks today are managed using Windows Active Directory and identity based exploitation is the low hanging fruit for hackers to gain access on the servers and to perform lateral movement and exfiltrate data from critical systems as we have seen in many high profile incidents in ASEAN like SingHealth.  This module simulate real world attack with a non-admin user account in the domain and how hackers work their way up to become an enterprise admin. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities and to establish that a single machine compromise in a AD environment is enough for an entire organizational compromise.

Following 9 Hands-on Lab Cover AD enumeration, trusts mapping, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket), ACL issues, SQL server trusts, Defenses and bypasses of defenses:

  • LLMNR Poisoning
  • SMB Relay with Interact shell
  • Gaining Shell
  • IPv6 Attacks
  • Pass the Hash/Password
  • Token Impersonation
  • Kerberoasting attack
  • Golden Ticket Attack

Trainers

Reviews

Interested In

CERTIFIED RED TEAM PROFESSIONAL (CRTP)

Starting From
RM6000
Intake Date
4-8 Sep 2023
Class Type
Private, Public

Why Us

Variety of Courses

Variety of Courses

Customizable Class

Customizable Class

Consultants Facilitate

Consultants Facilitate

HRDF Claimable

HRDF Claimable

Professional Certifications

Professional Certifications

Free Chat to Get Quote

Free Chat to Get Quote

Related Courses

Enquire Now

Course Name *
Name *
Email *
Contact No. *
Enquiry For
Company Name *
Job Position *
Message *

Book Now

Course Name: CERTIFIED RED TEAM PROFESSIONAL (CRTP)
Duration: 5 Days
Class Type *
Intake Date *
First Name *
Last Name *
Email *
Contact No. *
Pax *
Total Price: RM
0.00

Download Details

Name *
Email *
Contact No. *