It is Red Teaming. Huh? Wow, what is Red Teaming? It is about acting as real cyber threats to attack organizations from different angles to find weaknesses and report them to the internal team. The Red Team is highly skilled in taking advantage of human, technical, and physical weaknesses.
So, what is usually involved in Red Teaming? Before having a quick look, be informed that it is crucial to bypass the defenses and perform every step in stealth mode.
- Initial Access: Exploit Internet-facing applications such as web applications, or infect the target with an implant (the Blue Team calls it malware, and hackers call it a RAT).
- Persistence: They install additional tools to regain access.
- Privilege Escalation: They use internal system vulnerabilities to escalate privileges.
- Command and Control: Everything is controlled through a command and control framework, such as Cobalt Strike.
- Active Directory Exploitation: Most enterprises use Active Directory. Red teamers are often required to abuse Active Directory misconfigurations.
- Lateral Movement: They jump between different systems of their target.
- Exfiltration of Data: Move the data to a remote server.
If you want to be a red teamer, you need to learn the above techniques. But the problem is that every part of red teaming is so big, with so many things to learn. Consider “Initial Access”, which has hundreds of techniques. If you are just starting, it may take months to a year to learn every known technique. Perhaps this is the reason you will find training on specific topics, such as Master the Initial Access, Privilege Escalation Master Class, etc.
The Top 5 Red Teaming Training Courses
Training or certification can only teach you some of the possible red teaming techniques. You need to combine several training resources found on the Internet, your programming skills, and your creativity. To make your study journey easier, you may need the help of several good training courses. And to help you select the right one, I have sorted the top 5 red teaming training courses.
Note: I have tried all of these courses except for the SANS course. What I have written here is all my own opinion. Please don’t hesitate to contact me with any comments, complaints, or recommendations.
1. CRTO I and CRTO II (Certified Red Team Ops)
- Cost: £365 and £399
These courses are offered by Zero-Point Security, and I have tried both courses. The CRTO course discusses initial access, recon, privilege escalation, credential theft, Active Directory attacks, SQL Server attacks, etc. If someone asked for my opinion about this course, it is a wonderful red teaming course. CRTO is straightforward and easy to follow.
This should be the one if someone wants to try only one red teaming course. CRTO II is the advanced version that works closely with the Cobalt Strike C2 framework and defense evasion techniques.
2. OSEP (OffSec Certified Experienced Pentester)
- Cost: $1599 (One-Time)
I am already OSEP certified, and I would say this is a fantastic advanced penetration testing course by OffSec. On other training platforms, a similar course is called “Red Teaming Training,” but OffSec calls it advanced penetration testing. OSEP teaches basic to advanced attack methods against hardened Windows and Linux systems. Accordingly, you will learn to build initial access payloads, various techniques to attack Linux systems, Active Directory attacks, lateral movement, and defense bypass.
3. Red Team Operations and Adversary Emulation (SEC565)
- Cost: $8275 (OnDemand)
The Red Team Operations and Adversary Emulation course, or SEC565, is offered by SANS, and SANS is known for its quality and expansiveness. Their teaching method and materials are different from others. In SEC565, various initial access and Active Directory attack methods are taught.
4. Red Team Operator Training by Sektor7
- Cost: $220+ per course
Sektor7 provides several courses related to red teaming, such as the Malware Development Essentials course, which teaches how to develop your own basic malware. The Malware Development Intermediate, Advanced, and Windows Evasion courses teach advanced techniques for developing malware and bypassing defensive measures. Knowledge of malware development is required to be a good red teamer, and Sektor7’s courses, primarily the Essentials and Intermediate malware development courses, are good for learning to develop your own malware.
5. Certified Red Team Operator by Altered Security (CRTP)
- Cost: $249
You will likely have to deal with Active Directory in a red teaming engagement. If you are very new to Active Directory exploitation, I believe the CRTP would be a good choice, as it focuses heavily on Active Directory exploitation.