August 16, 2020

My Pentester Academy – Certified Red Team Professional (CRTP) Journey

Reading Time: 7 minutes

Hi Guys,

It’s been a while since I wrote a blog. This blog is to describe my journey of Pentester Academy’s Certified Red Team Professional (CRTP) course. Few months back Offensive Security updated their PWK course. When I was going through the updated course content, I honestly felt that I made a mistake opting for PWK in 2019 and that I should have done it in 2020. The major changes in course material was the addition of Active Directory and PowerShell Empire modules. I wanted to gain better understanding of the Active Directory security so I took the course.


About the Course!!!

Let me get this out there that this is First of the three-part certification journey for Red Teamers. This course is designed for n00b’s to start Red Team assessments. This course is informational and very helpful to people who do not have basic knowledge on how to approach an Active directory compromise assessment. This course will surely help you in that. This is a cheap certification as compared to other cyber security certifications out there. And when you are stuck at home during this pandemic with lots of time you surely can spare 3 hours on this.

The Courseware!!!

Once you have selected a date to start your labs. You will receive a link to download the course videos and PDF’s. You will also be given 2 ways to connect to the foothold machine i.e. VPN (RDP based) or Apache Guacamole (Browser based). The videos are about 10 -12 hours if you watch it on 1.3x speed :P Try and make notes it helps. This helped me in my exam time a lot.

The Labs!!!

## 23 Learning Objectives, 59 Tasks, >120 Hours of Torture :)

The objectives are pretty straight forward and fairly easy to do. I would recommend every one should solve them. The lab exercises will help you to grasp the concepts far quicker than the reading material and videos. In fact, it’s more about muscle memory and a methodology that you’ll develop along the way. The lab has all the software and scripts needed to advance in the network.


I followed my OSCP strategy on appearing for the exam. I scheduled my exam after 18 days. By then I had completed all my course videos and lab exercises. The exam was for 24 hours. I had good idea on this due to my previous certification. I was a bit worried when the e-mail for my exam mentioned that the exam machine won’t have any tools and .Net 3.5 not being installed on the server.

Once I got the connection, I uploaded all the tools that were required and began my exam. I compromised all the targets. The first hurdle was a bit tricky rest of the exam was straightforward and easy to figure out. Once I was done with my exam, I started making reports. Starting the report just after the exam time helps as the write up is fresh in mind.

After 2 days I got my result.


I am very satisfied with the course. Thanks you @Nikhil Mittal, @Vivek Ramachandran & @Pentester Academy. I will definitely recommend this course to anyone who wants to get better understanding on active directory attacks and insider attack simulations.

Read more about Red Team assessments.

Posted in Cert Experience, HackingTaggs:
  • P K Pradhan

    How much time did it take from learning stuffs from the Labs and then attempting your exam and clearing it? Also, are you a Certified PWK / OSCP beforehand? I am planning to take this course as well, but I don’t have any prior certification except basic Pentesting, would this course be a good fit for a beginner like me? Awaiting your reply. :)

    7:41 am August 20, 2020 Reply
    • oathk33p3r

      I am OSCP certified. I took the labs for 1-month. I appeared for the exam after approx 20 days. I would definitely recommend this course for a beginner wanting to gain insights about the AD Security.

      1:13 pm August 26, 2020 Reply
  • Jai

    Thank you for the awesome write-up!
    Want to know if someone is having basic idea about the AD how many days of lab would be required?

    Many thanks,

    6:52 am August 21, 2020 Reply
    • oathk33p3r

      I did have a very basic idea of the AD Infrastructure with respect to security. I had deployed an active directory locally so knew how things work. I took the labs for 1 month and studied for at least 2 hours a day. I didn’t stick to the course material but also wandered the web for additional information.

      1:28 pm August 26, 2020 Reply
  • Checkerp10

    Hi sir. Am going to write my crtp exam next week. Could you suggest what are the things we want to avoid and what are things should I want to take care of. Since they told some powershell tools won’t be working fine am worried cause I practiced and having Handson’s on only powerview and admodule . Let me know these tools works fine or should I want to check for alternative as well.


    11:19 am October 17, 2020 Reply
Write a comment