Hey Guys, so I have been working through this ‘Red Team Ops’ ALL WEEKEND (well technically Thursday) and thought I would write about it.
“Red Team Ops is an online course that teaches the basic principles, tools and techniques, that are synonymous with red teaming. Students will be granted access to the course material (written and video format) and access to a fully immersive lab, where they will learn and conduct every stage of the attack lifecycle – from OSINT to full domain takeover.
Upon completion of the course, students may attempt the accompanying exam to become a Certified Red Team Operator.”
As for me, with regards to red teaming it has all been rather generic and broad training and not so much focused like this is; it is very much for people who want to red team or have just started their journey towards doing it.
The course actually changes this week with the following:-
- Private labs to replace shared labs.
- Access to Cobalt Strike provided.
- Hunt your own indicators in Splunk.
- New pricing.
- Pass the certification without a course purchase.
So, onto the course.
- External Reconnaissance
- Initial Compromise
- Host Reconnaissance
- Host Persistence
- Host Privilege Escalation
- Domain Reconnaissance
- Lateral Movement
- Credentials & User Impersonation
- Password Cracking Hints & Tips
- Session Passing
- Data Protection API
- Group Policy
- Discretionary Access Control Lists
- MS SQL Servers
- Domain Dominance
- Forest & Domain Trusts
- Local Administrator Password Solution
- Bypassing Defences
- Data Hunting & Exfiltration
- Post-Engagement & Reporting
- Extending Cobalt Strike
All of the above are your modules, and to put it into perspective they each open up into sub-modules like this below:-
RTO is a “rolling course” – which means the materials are never static. As tools, techniques and the threat landscape evolve, so too does RTO. Updates are provided incrementally rather than waiting for “big-bang” v2/v3 releases.
Students are granted indefinite access to these course updates, so they always have access to the latest and greatest.
The course is absolutely fascinating, as mentioned, from my viewpoint as I work blue team, and no matter how much TryHackMe and HackTheBox you do, nothing beats seeing how it would actually be done in a real-life situation with the real-life tools.
Definitely need to be learning myself more on Cobalt Strike.
The labs come in 30, 60 or 90 days access where you can take your exam whenever you feel comfortable in doing so.
They are great labs and come with everything you need installed, and it is really easy to go between them; I just wish I had more time, as you can get really engrossed.
The thing about this course and certificate is that it is GENUINELY great value for money: at £649 you get 90 days labs access, the full course and the exam to be awarded the CRTO certificate, which is really growing in popularity with companies taking note.
There are great videos in each section that give a great visual as to what is happening too.
If you are looking into red teaming and want to get a course that I found had a great balance between the academic explanations and the practical lab work, then get this one.
I am halfway through my BTL1, and when I finish that I really want to get hold of the labs and exam for here.
The instructor for the course was the excellent Daniel Duggan known in the Cybersecurity world as Rasta Mouse.
So, final remarks on the course: great course and very specific for red teaming, and not one of these courses that go over everything in very generic terms. There is a very academic feel to it, which I liked; it almost felt like I was back studying in a classroom.
So my plan is to somehow get the exam and another 90 days lab time so I can get the certificate to go with the course.
Highly recommend for red team peeps.
See more about the course here = https://www.zeropointsecurity.co.uk/red-team-ops
Give them a follow here:-
Twitter = https://twitter.com/_RastaMouse
Twitter = https://twitter.com/zeropointsecltd