My CRTS Feedback

My CRTS Feedback
Certification CRTS @alrikrr
Hello everyone, Happy New Year !
This is actually my first post of 2023 and nothing better than to tell you about a certification I just completed.Β 

What's CRTS ?

CRTS or Certified Red Team Specialist from Cyber Warfare is a Technical Certification designed to improve your Red Team skills in many Offensive Fields. Your goal is to compromise an entire lab including 4 different networks !

You must use one of three attack paths to do this. Here is a picture of the internal lab.
Certification Link
Β 
The bunbdle I took (30 days access) comes with VPN access of the internal lab, three PDF write-up for each attack path, digital badge and certification. 30 days is the minimum time, you can extend your lab time if you want.

My Experience

Well, this certification turned out to be quite a surprise for me. Initially, I wasn't expecting much beyond a simple lab, and then it transformed into an incredibly engaging experience. The internal lab setup was so well-done that I found it truly enjoyable!

You have the freedom to choose any attack path you prefer. I went with the first one, which involves a Web attack. Once you compromise the web server, you're required to pivot into another internal Active Directory network. Once you compromise the domain, you're faced with yet another pivot to an internal Active Directory network linked through a Trust Forest design. Let me tell you, after completing this lab, I became a pro at pivoting and post-exploitation on Active Directory!

The cherry on top is gaining access to a complete SCADA network – personally, that was the most satisfying reward for me!

And don't forget about the attack on Kubernetes and Docker containers; it's a fascinating aspect since you don't often get to play around with them in real pentesting engagements!

Worth It ?

I would recommend starting with a solid methodology and having a prior taste of penetration testing and Red Team skills. Relying solely on the WriteUps provided by Cyberwarfare won't cut it, as it's not always 100% detailed and might not explain every command required to reach the final objective. Consider the WriteUps as an emergency toolkit for when you're stuck!

In my case, I followed my instincts for the initial attack path. When I hit roadblocks, I turned to the writeup, especially for machines that I wasn't particularly comfortable with, like the Kubernetes (K8S) and the intensive pivoting parts.

Β 

This article was updated on 15 August 2023

AlrikRr

Formerly a firefighter in France πŸ‡«πŸ‡· πŸš’, I decided to pursue my passion for IT and especially offensive cybersecurity. Now a Pentester in Montreal πŸ‡¨πŸ‡¦ for almost 3 years and an active member of HackersWithoutBorders North America, I am gradually specializing in internal and network intrusion testing.

Sharing our passion for this field, whether for awareness or education, is an important mission for me!

Feel free to contact me to discuss cyber or anything else over a beer :D 🍻