=

Course Foundation (AD Security)

The Certified Red Team Professional (CRTP) certification is built around the Attacking and Defending Active Directory lab. It is designed to give penetration testers and red teamers practical skills in exploiting enterprise Active Directory setups, starting from a non-admin user to achieving domain dominance.

Core Topics

Master the art of Active Directory exploitation with our detailed curriculum:

Active Directory Basics

Architecture, Domains, Forests, Trusts, User Accounts, Groups, and OUs.

Enumeration & Recon

Domain enumeration with BloodHound, identifying ACLs, GPOs, and trust relationships.

Privilege Escalation

Local privesc (Unquoted Paths, DLL Hijacking), exploiting misconfigured permissions and services.

Lateral Movement

PowerShell Remoting, WMI, Scheduled Tasks, Mimikatz credential dumping, Pass-the-Hash/Ticket.

Persistence

Golden/Silver Tickets, Skeleton Key, Kerberos Delegation abuse, GPO backdoors.

Trust Abuse

Forest & Domain trust exploitation, Kerberoasting, MSSQL abuse.

Exam Format

24-Hour Exam

24-hour practical exam in a fully patched multi-domain AD environment.

5 Target Servers

Achieve OS-level command execution on 5 target servers.

Professional Report

Submit a professional report within 48 hours of exam completion.

Important Notes

  • Beginner-Friendly: Suitable for those new to red teaming but familiar with Windows/Networking.
  • Validity: Certificate is valid for 3 years and can be renewed.
  • Tools & Skills: Heavy use of PowerShell, BloodHound, Mimikatz, and AD-specific techniques.
  • Lab Access: Options for 30, 60, or 90 days depending on experience level.