CRTE Review

CRTE Review

Overview:

Since I had already taken the CRTP and had such a great experience, it was an easy decision to take the CRTE. This course and exam focused on building upon the foundation of the CRTP while emphasizing more complex attacks in larger environments.

Altered Security
Global leader in hands-on learning for enterprise and cloud security education. Join 10000+ infosec professionals from 130+ countries
Altered Security

Course:

Our Certified Red Team Expert (CRTE) course and lab simulates real world attack-defense scenarios and require you to start with a non-admin user account in the domain and work your way up to enterprise admin of multiple forests. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities.

Exam:

The Certified Red Teaming Expert is a completely hands-on certification. The certification requires students to solve practical and realistic challenges in our fully patched Windows infrastructure labs containing multiple domains and forests. The certification challenges students to look at the complete infrastructure like a true enterprise network and does not rely only on breaking individual machines. Students will have 48 hours to complete the hands-on certification exam.

The course material:

Similar to the CRTP, I purchased the On-Demand Lab 30-day access package in early February and began the coursework on February 4. Once again, I chose the shortest duration because most of the CRTP knowledge was already fresh in my mind. As with the previous course, the purchase grants permanent access to the course materials, which are available for download from a cloud drive and include lecture videos, slides, lab tools, and the lab guide.

With lab access, I immediately began using the methodology to reference each section and modify, edit, or add information to my new "Book of Daemons" notes. (The latest version of the "attack matrix" is now called the "Book of Daemons", which I renamed when I moved from GitBook to Joplin.) I want to note that the previous notes from CRTP made this methodology smoother, as I was still getting accustomed to the new platform.

Regarding the course material, I definitely wish I had taken the live training. I recall mentioning this in the CRTP review, but I was a bit impatient, so I opted for the on-demand version instead. As expected, Nikhil Mittal put together each video well; the genuine experience—whether things went right or wrong—was great. Additionally, the stories and comments throughout had me laughing at times. Similar to the CRTP, the videos in the CRTE are definitely worth watching on their own.

I had a similar experience in the lab to the one I had in the CRTP. The stability was great, with only one minor issue arising, which the support team swiftly corrected after I emailed them. Similar to the CRTP, the CRTE videos and lectures complement the lab without excessive repetition. I highly recommend following along with the lectures in the lab.

Altered Security official lab diagram

Overall, this was a great addition to the CRTP groundwork. However, I will note that some of the items from the CRTP were not covered in the CRTE, which seems unusual. I believe the CRTP on-demand version was more up to date than the CRTE. Nikhil confirmed in Discord that the course content is being updated with the newest live training boot camp.

CRTE Vs CRTP:

Some may call this almost the same course but with a differing focus; however, in my opinion, I believe these two complement each other, as the CRTP serves as the foundation, while the CRTE expands on advanced topics and increases OPSEC. Please note, this is solely my own opinion.

The Exam:

Similar to the CRTP, I will keep all details vague out of respect for the integrity of the exam as well as altered security.

The CRTE is also self-service and can be started on demand, with 49 hours given to the student to gain remote code execution on a specified number of machines, excluding the jump-box. As with the prior exam, the scenario assumes a compromise.

I started my exam on March 1 at 15:20 UTC and submitted my report by March 2 at 05:13 UTC, which is about 14 hours. The exam was fairly straightforward, with a few twists—one in particular had me spinning in circles for a bit, but luckily, I figured it out. Again, I’m keeping this vague on purpose.

Official Exam Structure Information.

I received confirmation of passing on March 9th and received my certification on March 11th.

Closing Thoughts/Feedback:

  • Nikhil did an amazing job on the lecture once again!
  • The labs are very realistic and stable, similar to the CRTP.
  • The exam is fair and provides a great challenge to test your skills.

Feedback:

  • All feedback from the CRTP remains the same. (Please refer to that blog post for the details.)
  • The course could be shortened significantly, as a lot of the material was covered in the CRTP. I can see how those who skipped the CRTP might need this, but perhaps having alternative course material for CRTP students would be beneficial.