There are 25 sections in the curriculum, too, so it's got a wide range of content to absorb, and it includes topics such as pre-engagement, initial attack vectors, privilege escalation and host persistence. It's essentially a walkthrough of of how to perform various operations using Cobalt Strike, so you won't be hunting for flags in the lab environment akin to OSCP labs, for example. Those of you have done the CRTP from Pentester Academy will know what I mean. The course is not designed as a challenge lab. Some sections have accompanying videos, which do differ occasionally from the text based instructions, so definitely watch both! Personally, I would read a section first, then go start up my labs and follow along with it. Each section is broken down into bitesize, digestible chunks, often with a few minutes of reading on a topic, followed by some command examples and OPSEC considerations. Consider it your own personal Red Team playground, and you can continue to use it after you've taken the course, too. There is no one else in your labs, and unless you revert them, they will continue to house your changes in between restarts. This means you cannot transfer tools, unless you're copy and pasting them chunk by chunk, however you are provided with a Tools folder that contains everything you need. This is made possible via the browser based access that the course provides, with everything being done in Snap Labs using Guacamole. Course StructureĪs previously mentioned, you get to use Cobalt Strike throughout this course without having to purchase a license. As someone with no real-world experience in the heart of a Red Team, these little additions are eye-opening and provide a unique insight to the less glamourous side of the job. There's a subtle flow from pre-engagement practices through the active engagement and it rounds everything off with post-engagement summaries and reporting information. It's not just about technicalities, either. It's designed as an introduction to Red Teaming, and it now comes with an accompanying Cobalt Strike instance to get some hands on experience with one of the most used C2 commercial frameworks. This aside, the course has a unique feel to it. It's a pretty impressive feat in my humble opinion, to provide such a comprehensive course as, essentially, a one man army. The course is the brainchild of Rastamouse, and he solely writes the content, maintains the course and provides support, amongst his other work. Well hello again! It's not been all too long since my last post, but immediately after obtaining the PNPT I was hungry for the next challenge, and the Certified Red Team Operator (CRTO) from ZeroPointSecurity had long been on my radar.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |