OVERVIEW OF CRTA-EXAM AND HTB-PROLABS

Hellow forks its alienkeric again from this side, just wanted to share with you my general overview with CRTA-exam and htb-prolabs. Am going to summarize them in one way or the other and how I managed to solve,prepare and attaine the certificates.

CRTA - CYBERWARFARE LABS

Overview

Certified Red teamer analyst is an exam from cyberwarfare labs,The exam main goal is to introduce a hacker into red teamer TTP's, But also the exam is a nice exam for a jr-red teamer to start with after eJPT. Why eJPT,Its because with eJPT you will get all basics as a junior penetration tester, now Combining all those skills u got from eJPT and just few of red teamer you will be done with CRTA preparation according to me.

Preparation

Before going to schedule CRTA-exam make sure first you familia with some basics of red-teaming basics stuffs such as pivoting,AD-enumeration(just basics enumeration is all you need with active directory).

Here is the general overview of how you can prepare yourself before exam based on how I say the exam.

1. basics of scanning and enumeration
2. google-doc capability(finding and understaing exploits)
3. exploitation basics
4. pivoting (hacktricks is all you need from here).
5. Scanning internal network from your localmachin
6. privilege escalation(basics only)
7. AD enumeration basics
8. knowledge with impacket tools
9. mimikatz usage
10. how to write a technical good report.

These were just the basics of what you may need to get familia with before thinking of scheduling the exam.Another thing is that cyberwarfare provide a good resource to use if you have trust your skills before going to an exam I real recommend check the resource. It took me 4 hrs to finish the exam and 7 hrs of report writing(totoal 11 hrs). Alot of hrs with report writing is because I has intended and unintended path during the lab of exploitation.

NB: Doing this exam on your own is all you need since because the main aim of the exam is to test your skills, bad enough there is no monitoring so I wont recommend asking for help with the exam because that one will not technically build your skills, so if you asked for help with the exam while the exam is on mark it YOU-FAILED THE EXAM BUDY, because you coudn't finish the easy exam within a 24 hrs under surveillance-mode.

HTB-PROLABS

Overview

Hackthebox is a nice place to put your skills into testing believe me not only how things goes over the network but also you may need to test your skill in many scenarions such as assume being given a chained network of an organization xyz.com. with more than 10 server and computers(total 20).We all know most of organization internal network are vulnerable.

Now before going into real life scenario like this, you need these pro-labs if you want to put your skills into a test as a professional red teamer.For me how it started was after completion of season-6 of hackthebox with a top rank I was awarded a ($49) prolabs and $50 discount of anything from hackthebox. My next goal was to start pro labs, as usually i have plans in everything I do befoer I start doing it

goals before voucher expires

1. Dante (2 days used)
2. P.O.O ( 2 days used)
3. Zephy (1 weeks)
4. offshore (14 days)

DANTE

Dante is beginner-friendly pro labs it introduce you into basics of red-teaming campains such as pivotig into a large network,searching for ways to exploit and many other basics.All in All dante is all about basics,took me 2-days to complete it

This red teaming lab will expose you into

This Red Team Operator Level I lab will expose players to:

1. Enumeration
2. Exploit Development
3. Lateral Movement
4. Privilege Escalation
5. Web Application Attacks

Another think to note is that you need to be creative and think outside the box because this is a chained network you need to chain what you have in hands with what you want to gain.

P.O.O

Maybe people may not understan how things goes over htb,But here how it goes if you think your not ready for zephy an AD pro labs you need to test your skills with mini pro lab P.O.O which introduces you to basics of AD, exploitation such as mssql, its a small pro labs which covers basics. P.O.O is baby-zephyr lab.

P.O.O., is designed to put your skills in enumeration, lateral movement, and privilege escalation to the test within a small Active Directory environment configured with the latest and greatest operating systems and technologies. The goal is to compromise the perimeter host, escalate privileges and ultimately compromise the domain while collecting several flags along the way.

This lab will introduce you into things like.

1. Enumeration
2. Active Directory enumeration and attacks
3. Lateral movement
4. Local privilege escalation
5. Situational awareness
6. Web application enumeration and attacks

Now after your done with this mini-pro labs now your good to go with zephyr which is a level 2(RTO) lab.

NB: After dante and p.o.o I decided to take a small rest(3 days) before going to zephyr, since I was using alot of time with the labs and skipped school-classes.

Zephyr

Zephyr is an intermediate-level red team simulation environment, designed to be attacked as a means of learning and honing your engagement skills and improving your active directory enumeration and exploitation skills. Zephyr includes a wide range of essential Active Directory flaws and misconfigurations to allow players to get a foothold in corporate environments.

This lab will expose your skills such as

1.Enumeration
2. Exploitation of a wide range of real-world Active Directory flaws
3. Relay attacks
4. Lateral movement and crossing trust boundaries
5. Pivoting
6. SQL attacks
7. Password Cracking
8. Privilege escalation
9. Web application attacks

This prolab is really intermediate especially inside(internal network, last sections consumed my time). As we all know double pivoting is really very slow and so i have to spent some times troubleshooting with metasploit and ligolo with double pivoting, But it was really nice prolab.

After this lab, I decided to take some rest for a couple of days but also went back on school stuffs and start doing my assigments and homeworks, meanwhile i was waiting to start a new week with my last prolabs(offshore).

Offshore

Offshore is not only intermediate lab but also is a hard prolab I have never encounted so far but also is the pro labs with a large network among all the pro labs.

Offshore Pro Lab is an Active Directory lab that simulates the look and feel of a real-world corporate network. You are an agent tasked with exposing money laundering operations in an offshore international bank. As a real-world penetration tester, you need to assess the external perimeter, gain an internal foothold and pivot across multiple hosts and forests.
Users start from an external perspective and have to penetrate the “DMZ” and then move laterally through the CORP.LOCAL, DEV, ADMIN and CLIENT forests to complete the lab. To track progress, there are multiple flags planted along the way as well as a few side challenges not required to advance within the Active Directory environment. Players can submit flags to earn a place in the Offshore Hall of Fame and receive badges for various stages of completion.

Expect to Learn alot of stuffs with this prolabs such as.

1. Web Application Attacks
2. Enumeration
3. Exploiting Obscure and Real-World Active Directory Flaws
4. Local Privilege Escalation
5. pivoting and double pivoting
6. enumerating & bypassing AMSI without automation or binaries
7. Lateral Movement and Crossing Trust Boundaries
8. Evading Endpoint Protections
9. Reverse Engineering
10. Out-Of-The-Box Thinking

ATTITUDE / MENTALITY

1. Patience and perseverance
2. Willingness to do extensive research
3. Accept that you might fail many times than you will succeed;it’s part of the process(hardest part inside offshore is here)
4. Accept that there is something you don't know, so you need like a whole day-learning about that one(learned this from ippsec and oxdf - evidence took me a day to learn how to do double pivoting with metasploit)
5. Thinking out of box
6. Throw everything you know when is needed (Example on P.O.O you have to throw everything you know about enumeration, the same with offshore with inside the network)
7. Note taking is what you don't have to forget in your way or everyday life of hacking(If your not good at this believe/trust me you not going to make it with offshore)
8. Key attention to details