.png)
Certified Red Team Operator
My Honest Review
The Red Team Ops certification by Zero-Point Security is an absolute gem in my opinion. It boosted my Active Directory knowledge significantly and gave me real experience working with a C2 (Cobalt Strike). For me, it was worth every dollar. I highly recommend this course to anyone who is curious about red teaming and wants to dive deeper into offensive security.
About a month before buying the course, I competed in the Information Technology Competition hosted by MISSA at Cal Poly Pomona. With almost no penetration testing or offensive security experience other than a few workshops and maybe one or two Hack The Box labs (which I used write-ups for), my team did not place well LOL. If I remember correctly, we placed 5th out of around 7 or 8 teams. Even though we didn’t do great, I learned a lot during the competition and it sparked a real desire to get better. That eventually led me to purchasing the CRTO course.
At the time I bought it, I had a lot of extra free time, so I finished the course pretty quickly. It took me a little over 2.5 weeks to get through the material and then about 2 days to complete the exam, so roughly three weeks total. Keep in mind that I had a lot of time available and would spend up to 8 hours a day working through the content.
I happened to buy the new version of the course on the exact day the new platform was released. This came with its pros and cons, which I’ll talk about later. Overall, the course itself was extremely well done and very easy to follow. The new platform made it super convenient because you can access the lab activities directly in the browser. The information throughout the course was incredibly valuable. I especially want to highlight the Kerberos chapter, which was written very well. It gave me both an offensive perspective and a better understanding of how certain Windows components work overall. Rasta also explains how many of the attacks taught in the course can be detected by blue teams. As someone who is still unsure whether I want to go red side or blue side, this was something I really appreciated.
Everything on the exam is taught in the course, so nothing will come out of nowhere or require outside knowledge. The course and labs are structured very clearly. As someone new to red teaming and offensive security, I found the exam difficult. However, this was probably due to my lack of experience, and you may find it easier if you already have some exposure to these attacks or a stronger understanding of red team methodology. The exam used to be flag-based, but with the new platform it has changed. It is now objective-based for half of your score, and the other half is based on your OPSEC performance. You get up to 48 hours to complete it. I used around 20 hours over two days. I will not lie and say it was easy. There were definitely moments where I stared at my screen with absolutely no idea what direction to go next.
From my experience, everything you need is covered in the course, so it is hard to recommend specific areas to focus on. My advice is to understand all sections well before taking the exam. I made the mistake of rushing certain areas, which forced me to backtrack to my notes during the exam and probably made things harder than they needed to be.
Overall, I definitely recommend this certification if you have the money and are ready for the challenge.
Also, shout-out to Dylan, my mentor now, for answering my questions before I purchased the course.