My Take on the Red Team Operator (RTO) Course and CRTO Certification
This article is also available in Portuguese on Medium.
Note: Here I’ll share my perspective on both the course and the certification.
My Perspective on the Red Team Operator (RTO) Course
Well, I ended up choosing to take the course for work-related reasons. At first, I wasn’t very interested, thinking it wouldn’t add much value, but thankfully I was wrong. I learned a lot of new things, but I’d like to highlight something personal: I found difficulties with the learning approach as presented in the course. Several times I sought help externally or from friends to understand certain topics, as many things were new to me and my Windows foundation wasn’t the best. Perhaps this hindered me. I ended up learning as I redid the tasks, understanding their behavior, and researching beyond what was just presented in the course. Being quite honest, if I had to rely solely on the course, I would be quite lost and I don’t think I could finish it. So, my personal take is: I recommend reading about C2 and studying Windows to have a foundation before starting the RTO course, to avoid possible headaches.
Well, the course covers some topics such as:
- Initial Compromise
- Reconnaissance
- Persistence
- Privilege Escalation
- User Impersonation
- Kerberos
- Pivoting
- Active Directory
- Microsoft Defender Antivirus
You can find the complete course syllabus here: Red Team Ops Course
I purchased the course during a promotion (Black Friday), but the current price is £365.00 for the course only. If you want 30 days of lab access, the cost will be different. In my case, since I bought it on promotion, it came with just the course, so I had to pay for lab access. I ended up buying it twice because, although many say 30 days are sufficient, it wasn’t for me. I needed 60 days, which ended up being an additional £88.00 invested. Honestly, I think this is a disadvantage, having to pay separately for lab access and it being stipulated by hours and not days. In other words, your 30 days equals 60 hours. This made me uncomfortable at first, but later I got used to it.
During the lessons, I didn’t have many problems with the environment. I only had to reset the environment twice, though occasionally the system would get a bit slow during lessons. However, this didn’t directly impact anything, so all good.
My Perspective on the Certified Red Team Operator (CRTO) Exam
I found this exam to be an interesting challenge. I confess there were moments when I felt quite anxious and apprehensive, especially regarding some things I had seen a long time ago in the course and hadn’t practiced, which ended up taking me more time than I had planned. Because of this, I ended up being harder on myself, even self-sabotaging, but it’s part of the process—lessons learned.
During the exam, I realized I still had things to improve, especially regarding Windows and some processes.
Why Did I Choose CRTO?
As I mentioned initially, I ended up choosing to take the course and subsequently the exam because of work. I saw the need to evolve. During my learning in the course, after really understanding some topics, I realized it covers subjects that can be directly applied at work. This sparked my interest more, and as I learned, I became more involved with C2 and Bypass techniques. So, I would say that for the learning acquired in the course and exam, it was worth it.
The Exam
Well, for those who bought the course, there’s one free attempt to take the exam. You can also choose to buy just the voucher and take the exam, with the voucher costing £99.00.
Note: If you already have the course and want to take the exam, to request the voucher, access this link and go to the “Book Now” section where you’ll find the necessary instructions: Red Team Ops Exam
The exam allows 48 hours within four days. Just like in the lab, you can pause and rest a bit.
During the first day, I was setting up my C2 profile, DNS, doing reconnaissance, and preparing AV bypasses. Although I had seen this in the lessons, I had forgotten, so I took much longer than I imagined just on this stage. I used ThreatCheck to verify the generated artifacts and ensure they could bypass the AV.
In the following days, after a good night’s sleep, I spent a good amount of time enumerating and trying to find what I needed. After I identified what I was looking for, I got my first flag. Still, there were stages that were quite challenging, and I had to reconfigure the environment twice. In the end, everything worked out.
In the exam, there are 8 flags to be collected; however, with 6 flags you can already pass if you choose to stop there.
The Environment
The exam lab covers everything you need. At times, there was some slowness in the machines, but it passed quickly and didn’t cause any significant impact. From my experience, I’d say the performance was within expectations for taking the exam.
What I Studied
Besides all the content shown in the course, I also researched additional information externally. For example, C2 was something new to me, so in addition to learning from the course, I looked up a lot of information about C2 outside of it. By the way, there are many C2s out there, even open source ones. One of the first I came into contact with was C2 Empire. If you want to learn more about it, TryHackMe has a room dedicated to it.
I also researched a lot about Windows, commands, bypasses, among other things. I’ll leave some links here. I studied many things out of curiosity too, not all directly related to the certification.
Some links I studied:
- Empire
- Windows Fundamentals
- Introduction to Windows Privilege Escalation
- Active Directory Enumeration & Attacks
- Pivoting
- Registry Persistence Detection
- Domain Persistence
- Domain Escalation
- Cobalt Strike CheatSheet
- Cobalt Strike - HackTricks
Conclusion
Well, considering everything, I’d like to reinforce the importance of studying Windows before moving to CRTO, if you don’t have a good foundation, as was my case. I also recommend not getting stuck only with the course content; there’s a universe out there to be explored that can help you a lot.
Regarding the exam, I believe that many of the things you saw during the lessons will serve you well in the exam. You just need to pay close attention to the scenario and not let your mind mess up your ideas.
Since the exam can be paused, take breaks, eat well, talk with family and friends, and relax a bit.
A personal observation I had during this period: we can go far alone, but with the support of friends and family, we can go much further (my coaching moment of the day). Anyway, I hope the reading and tips are useful to you, and see you next time.
Happy studying!
#KeepLearning #KeepHacking #CRTO

