CRTL Review

Hello everyone, today I am going to cover the latest exam I was able to achieve. As most of you may recall, I completed the new version of CRTO in December, and you can find that review here. As I was completing that, RastaMouse had put up a sale, and I quickly bought the Red Team Ops II course, as this was already something I had planned to take eventually. I won’t dig into the new platform or model too much, as I covered the changes in the CRTO review.


Course Overview:

The site describes the course directly:

This course provides you with the knowledge and skills necessary to operate against modern defences.

As of this moment, the course costs £449.00. I am not aware of the prior pricing, but operating on the premise that you will receive all updated material free of cost makes it worth the price alone.


Course Material and Labs:

The material is not for beginners and builds on the expectation that you have at least taken the Red Team Ops I course and have a general understanding of the concepts. That being said, entering this course with knowledge of Windows APIs and lower-level programming, such as C, would be helpful, as I struggled at times to understand the concepts.

Although I struggled a bit, RastaMouse made the implementation of the concepts quite smooth, as I went from scratching my head to seeing them work in the practical exercises, making it seem much more achievable from my standpoint.

Similar to Red Team Ops I, you are learning on a newer version of Cobalt Strike, which, in contrast to how old Red Team Ops I was, I assume made Red Team Ops II much easier based on my experience.

Now, one thing I will note is that there is much less material in Red Team Ops II, which might seem counterintuitive; however, this is not a baseline course, and you are learning more advanced topics. I personally did not mind it being a bit shorter, as the material seemed more structured in a manner that made you really learn and think about each concept.

Now, with regard to the labs, my opinion is relatively the same as it was for Red Team Ops I, with the only new change being that you can boot a lab only once per day rather than twice, which makes sense, as these labs are a bit larger. However, each lab compounds on the next; thus, certain changes are not needed every time.

Previously, I mentioned that Red Team Ops I held your hand too much; however, I think the Red Team Ops II labs are much better. Granted, there is a bit of hand holding, but based on certain concepts, it is needed.

Exam:

Similar to the CRTO, public information about the exam is limited, so I cannot go into detail about how it is structured. However, I cannot stress enough the importance of reading the exam information before attempting the exam to ensure you are aware of the scope and rules of engagement.

Similar to CRTO, my exam experience was great on both attempts; funnily enough, this one also took me two attempts. I failed my first attempt mostly due to overthinking, if I am being honest. On my final attempt, I managed to pass in about 20 hours, which could have been reduced if I had not been overthinking too much; however, I still passed.


Final Thoughts:

  • This course is not meant as an introduction and should not be delved into without some preparation.
  • The course is short but well structured, with great labs.
  • I think this would be great for anyone wanting to level up in the realm of red team operations.