Certified Red Team Professional (CRTP) Review: Buried Treasure
An in-depth review of the Certified Red Team Professional (CRTP) certification from Altered Security. Discover why this course is a hidden gem for Active Directory security professionals.
After completing my OSCP journey, I was hungry for more specialized knowledge in Active Directory attacks. That's when I discovered the Certified Red Team Professional (CRTP) course by Altered Security - and what a hidden gem it turned out to be.
What is CRTP?
The Certified Red Team Professional (CRTP) is a hands-on certification focused entirely on Active Directory security. Unlike other certifications that cover broad topics, CRTP dives deep into AD enumeration, lateral movement, privilege escalation, and persistence techniques.
Course Structure
- • 30+ hours of video content
- • Comprehensive lab environment with 5 domains
- • Real-world attack scenarios
- • 24-hour practical exam
Why CRTP is a Buried Treasure
1. Practical Focus
Unlike theoretical courses, CRTP is entirely hands-on. Every technique taught is immediately applicable in real penetration tests. The course covers:
- Domain Enumeration: PowerView, BloodHound, and custom scripts
- Local Privilege Escalation: Service account abuse, token manipulation
- Lateral Movement: WMI, PowerShell remoting, DCOM
- Domain Privilege Escalation: Kerberoasting, ASREPRoasting, DCSync
- Persistence: Golden tickets, silver tickets, skeleton keys
2. Realistic Lab Environment
The lab environment mirrors real corporate networks with multiple domains, trusts, and realistic misconfigurations. This isn't a CTF-style environment - it's designed to simulate actual enterprise AD deployments.
Lab Highlights
- • 5 different domains with various trust relationships
- • Multiple attack paths to domain admin
- • Realistic user behaviors and configurations
- • 30-day lab access (extendable)
3. Excellent Value for Money
At $249 USD, CRTP offers incredible value compared to other specialized AD courses that cost 3-4 times more. The quality of content and lab access duration make it one of the best investments in cybersecurity education.
The Exam Experience
The CRTP exam is a 24-hour practical assessment where you need to compromise multiple domains. Unlike other exams, there's no report requirement - just demonstrate your skills by capturing flags.
Exam Tips
- • Take detailed notes during lab practice
- • Master PowerView and BloodHound
- • Practice privilege escalation techniques
- • Understand trust relationships thoroughly
Who Should Take CRTP?
- Penetration Testers: Essential for internal network assessments
- Red Team Operators: Core skills for AD-focused engagements
- Security Analysts: Understanding attacker techniques
- OSCP Holders: Perfect next step for specialization
Comparison with Other Certifications
Having completed both OSCP and CRTP, I can confidently say they complement each other perfectly:
- OSCP: Broad penetration testing skills, buffer overflows, web applications
- CRTP: Deep Active Directory specialization, enterprise environments
- Together: Complete skill set for modern penetration testing
Prerequisites
While not mandatory, I recommend having basic Windows administration knowledge and some penetration testing experience before attempting CRTP.
Conclusion
CRTP truly is a buried treasure in the cybersecurity certification landscape. It provides specialized, practical knowledge that's immediately applicable in real-world scenarios. The combination of excellent content, realistic labs, and affordable pricing makes it an essential certification for anyone serious about Active Directory security.
If you're looking to specialize in internal penetration testing or red team operations, CRTP should be at the top of your list. It's not just another certification - it's a comprehensive education in one of the most critical areas of enterprise security.
Ready to dive deep into Active Directory security? CRTP is waiting to be discovered by more cybersecurity professionals. Don't let this treasure remain buried!