Attacking and Defending Active Directory : Bootcamp Review

Hello Guys,

In February 2022, I enrolled in a boot camp for attacking and defending Active Directory. It was a great experience for me. Before joining boot camp, I did not know of Red Teaming. I had completed MCSA training in the past, so I was aware of the Active Directory and its basic concepts.

First, I would like to thank you, Nikhil Mittal, my instructor and the guy who is known for his contribution to the active directory security domain. Bootcamp differs from the course that you get on the pen tester academy website. In Bootcamp, Nikhil Mittal teaches you in live sessions. You can ask your questions to Nikhil during Bootcamp, this was the best takeaway I felt from this Bootcamp. In this course, you have 22 objectives, and on completion of these objectives, you will find some flags. There is a flag verification panel on the website to submit flags. On submission of all the flags, you get a Bootcamp completion certificate, which is another advantage of this Bootcamp. (https://www.credential.net/3426307d-a4a6-4b51-add7-3cdc9f3f90ac#gs.13jtye)

Bootcamp Details :

They divided Bootcamp into 4 live sessions. Which were conducted by Nikhil Mittal. You can play your lab along with Nikhil while doing Bootcamp. But I would recommend attending Bootcamp with full attention, so you will not miss any concept. You will get a recording for the session so you can go back to videos and understand concepts in brief.

Labs and Assignments :

The lab contains 22 learning objectives. You can access the lab using a VPN or a web-based system. I used a web browser. The lab was pretty fast and responsive. I felt no lagging during my lab time. Once i got stuck with a network issue and raised ticket to support, they resolved my issue in no time.

Note Making :

Note Making is an important part of any exam or training. I am not good at note-making but this time I tried my hands. The notes I took during my learning phase helped me in my exam. I used notion.io for note-making. I divided my notes into different parts, like. Sometimes i take time notes from particular attacks or sometimes I took notes for lateral moment activities. Everyone has a unique style of note-taking so you can develop your own.Exam

CRTP Exam :

We have given the student machine with low privilege users and we have to go for privilege escalation. After getting a privileged user for the student machine, you have to do recon and compromise 5 server machines. You get 24 hours to compromise these machines, but to complete your exam you get 25 hours. Pentester academy gives you another hour to set up your box. I completed my setup within 10 min which was super easy.

Conclusion: CRTP Bootcamp is the best way to learn and complete your CRTP certification path. Every day in your lab is worth it, just focus on learning.