This is going to be a relatively short post as I don’t have much to say; the course and exam are great. I passed the course in about 2.5 of the 48 hours, and it took me a total of 6 hours to get all the flags. I really enjoyed both the exam and the course as the material directly reflected what appeared on the exam, and the material felt both relevant and interesting to learn. The material covers a lot of Active Directory, with an emphasis on lateral movement and the usage of Cobalt Strike to perform these attacks.
Exam and Preparation
The exam itself is 48 hours, and you need to get 6 of 8 flags to pass. The environment is pretty sizeable but the exam itself is very easy. The course prepares you very well, but since I also did the Cybernetics Pro Lab a few months ago, I was able to easily complete the exam. In total I spent around 40 hours in preparation over two weeks; 28 hours of my lab time was used, and I spent around 10 hours over the course of 2 days reading the material. It’s quite a lot of things to take in, as the material covers many things, but the recurring theme is lateral movement and situational awareness on your host. My last takeway is that WinRM through Kerberos Authentication is the biggest pain the ass I’ve ever experienced. Or maybe I’m stupid.
Pros and Cons
Pros:
- I already said like everything; great material, fun vectors, and a great exam
Cons:
- The AV evasion section kinda sucked. Just some really basic static signature evasion that was functioning oddly.
Overall, if you are trying to dip toes into red teaming or wanting to find a challenge pre/post OSCP, give this a shot.