Home > Vendors > cybersecurity > crtp

CRTP - Certified Red Team Professional

The CRTP: Certified Red Team Professional course focuses on “offense-in-depth”, the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.

CRTP immerses students in a single simulated enterprise environment, with multiple VMs, up-to-date and patched operating systems, and defenses. In keeping with the assumed breach mentality, the course provides detailed attacker tradecraft post initial access, which includes performing host situational awareness and “safety checks”, escalation privileges locally, breaking out of the beachhead, performing advanced lateral movement, escalating in Active Directory, performing advanced Kerberos attacks, and achieving red team objectives via data mining and exfiltration.

The course is fast paced and highly intensive, teaching delegates an in-depth methodology and approach while operating as a professional Red Teamer. We not only show delegates how to perform advanced red team tactics, techniques and procedures (TTP’s) but further cover how to run a successful end-to-end engagement with a focus on operational security and risk.

Code: crtp

Duration: 5.0 days

Enquire Now

Start learning today!

Click Hereto customize your Training

Objectives

Understand the MITRE ATT&CK Framework with details on techniques, tactics, and procedures (TTP) commonly used by threat actors as this can be used as a reference during Red Teaming.
Understand the core concepts of adversary simulation, command & control, and how to plan an engagement.
Learn about each stage of the attack lifecycle from initial compromise to full domain takeover, data hunting, and data exfiltration.
Learn to mimic the offensive hacker mindset and think outside the box and come up with new attack vectors and approaches
Discover and leverage vulnerabilities towards take over and data breach
Perform post-exploitation tasks such as host and network reconnaissance, Pivot to n-tiered networks, and establish persistence.
Perform Active Directory attacks such as kerberoasting, ASREP, abuse unconstrained delegation and exploit insecure ACLs, and move laterally across a Windows estate.
Perform a comprehensive red team operation penetration test, from reconnaissance to establishing a foothold and maintaining a covert presence.

Content

Module 1: Introduction to Red Teaming and Understanding of Attack DNA

Introduction to Red teaming
Role of red team in organizational security programs
Red team vs. blue team
Red team assessment phases
Red teaming methodology
Planning red team operations
Attack Lab Infrastructure
Threat Intelligence: Frameworks, Platforms, and Feeds
What is MITRE ATT&CK Framework?
Tactics, Techniques and Procedures (TTP)
Indicators of Compromise (IoC) and Indicators of Attack (IoA)
Mapping to ATT&CK from Raw Data : 2 Hands-on Labs on Real world attack logs.

Module 2: Host Exploitation : Windows & Linux

Host Exploitation on Windows and Linux Operation systems with the following red teaming steps and tons of scenario based hands-on exercises:

Reconnaissance (OSINT)
Weaponization & Delivery
Exploitation
Establishing a backdoor (C&C)
Installing multiple utilities
Privilege escalation, lateral movement, and data exfiltration
Maintaining persistence

35 Hands-on Exercises on the following 4 Real world scenarios without any automated exploitation tools:

Microsoft Windows Server exploitation with persistence
Web Application and FTP exploitation together with Linux privilege escalation, brute force, hash cracking, shell injection, process snooping, c&c communication and many more
Content Management System and LFI Exploitation together with GTFOBins Privilege Escalation, network file share enumerations, c&c communication and many more
Jenkins Open-Source Server Exploitation together with Windows Privilege Escalation, network traffic pivoting, c&c communication and many more

Module 3: Active Directory Exploitation

Most enterprise networks today are managed using Windows Active Directory and identity based exploitation is the low hanging fruit for hackers to gain access on the servers and to perform lateral movement and exfiltrate data from critical systems as we have seen in many high profile incidents in ASEAN like SingHealth. This module simulate real world attack with a non admin user account in the domain and how hackers work their way up to become an enterprise admin. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities and to establish that a single machine compromise in a AD environment is enough for an entire organisational compromise

Following 9 Hands-on Lab Cover AD enumeration, trusts mapping, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket), ACL issues, SQL server trusts, Defenses and bypasses of defenses:

LLMNR Poisoning
SMB Relay with Interact shell
Gaining Shell
IPv6 Attacks
Pass the Hash/Password
Token Impersonation
Kerberoasting attack
Golden Ticket Attack

Audience

Red Teamers
Bug Bounty Hunters
Security Analysts
Vulnerability Assessors
Penetration Testers
IT Security Professionals
Security Consultants
Blue Team members, Defenders, and Forensic Analyst
Anyone who wants to learn the Offensive side of Cyber Security

Prerequisites

Cybertronium Certified Penetration Tester or other Pentest certifications OR A thorough understanding of Penetration Tests and Security Assessments
Networking Basics
Understanding & Navigating Different OSes like Windows, Linux
Prior knowledge on OWASP TOP 10
Knowledge of Active Directory

Certification

Course Benefits

Career growth
Broad Career opportunities
Worldwide recognition from leaders
Up-to Date technical skills
Popular Certification Badges

Cyber Security Popular Courses

crtp

A Certified Red Team Professional is a cybersecurity expert trained and certified to simulate cyberattacks and security breaches on a company's systems, network

Subtotal