Just some reviews of Red Team Training courses (and some penetration testing courses too) that I have taken.
If you know of any Red Team training, or training that is close enough to be of benefit to Red Team operations, please drop me a line at redteamtrainingreviews @ redteamtrainingreviews.com and I will add it to this site. Not sure when I will get around to taking it, much less writing a review (both money and time are very tight at the moment), but at least I can have a placeholder for the future!
In case you are wondering, I decided to keep a page with a rough outline of which courses I signed up for and started taking, and the list can be found here.
I have a background in both server and network administration, some red team experience and some intrusion detection experience (with a smidgen of accidental DBA experience mixed in.)
Please don't think any of this came easily to me. It has taken years and years of hard work, constant learning and so many failures that it is barely believable. But one success can fill the void that a thousand failures have made. And I love to learn, so Penetration Testing / Red Team work is the perfect field. Let your failures teach you and always push forward.
Individual Courses listed under each providers page.
k>fivefour is starting 2024 out right. We are currently holding an RTAC class with updated materials to include new TTPs and BOFs. A more really exciting stuff is in the works. RTJC will be updated soon with new TTPs. The "Masters" program is being worked as well. New environments are coming soon as well.
I am still looking for more new training. Let me know if you found something exciting and new.
Having to download all the AD CS videos again so I can watch them and write my review.
I have been super busy of late and haven't had time to write my review of Altered Security - AD CS Attacks for Red and Blue Teams Lab but trust that the class is pretty top notch.
I have been super busy of late and haven't had time to write my review of Altered Security - AD CS Attacks for Red and Blue Teams Lab but trust that the class is pretty top notch.
I also went through the RTFM Video Library videos and answered all the quizes. The videos are pretty compact and full of good information, and the quizes were good too. Got my challenge coin in the mail today as well as some other swag. Really cool stuff.
Some exciting news is coming soon. If not later this year, early next year. I need a little time to get some stuff done before I make a formal announcement. But it should be more fun than some simple training class reviews.
Got word today that I have passed the K>FiveFour Red Team Journeyman Course exam.
Keep an eye out for new and exciting stuff from K>FiveFour coming real soon!
I have also made it a little ways into the Altered Security AD CS Attacks for Red and Blue Teams Lab. Keep an eye out for a full review for that course coming over the next few weeks.
Lots of updates. First, I took the K>FiveFour Red Team Journeyman Course exam for the second time. Two days of testing and to say I am exhausted is an understatement. You don't have to have a technically challenging exam for it to be brutal.
Just signed up for Altered Security - AD CS Attacks for Red and Blue Teams Lab. I had already been doing a super massive deep dive in to AD CS (some TryHackMe, some HackTheBox, Alh4zr3d's Demo/Teaser and much, much, more) so I expect this will just be icing on the cake.
Reached 'Omniscient' on HackTheBox this week, luckily before my test started. That was a crazy long journey and took the help of a LOT of people to accomplish.
And speaking of HackTheBox, I got another 50 pound gift card to the HackTheBox swag shop. Do I risk using it and paying another 12 pounds shipping to get stuff I didn't want and didn't order and then have to beg people to take, or do I save my 12 pounds and buy more training???
Got an e-mail from HackTheBox saying I had a discount code for 'Season 1 6-10'. I was like 21 so I don't know what that means. And all the e-mail says is to use the code at checkout. What is the code for? Which checkout? Why not take the time to explain more in the e-mail???
There were a few other updates, some MalDev Academy related and something else, but I am so tired right now I think it is past my bed time!
Sitting in on the K>FiveFour Red Team Journeyman Course for the next few weeks, as time permits. The training has changed since I first took the class. If I get a chance to take the exam next week, we will see if me having a few years more of red team experience helps me this go around.
Without going in to the numerous reasons why... let me just say for the record that Hack The Box has lost all my respect (and I do not recommend placing an order with the Hack The Box Swag Shop ever!) I will probably cancel my subscription, that I have held since March of 2019, but I will make that decision a little closer to the end of my currently subscription. And I may actually remove any review of their materials from this site.
Update 10 July 2023: Not as upset with HTB as I was that day, but it is going to take a lot of them getting stuff right before I will recommend them ever again. And the stuff that the Hack The Box Swag Shop shipped me (still don't recommend them based off mine and a large number of my friend's experiences), INSTEAD of what I ordered, has been donated as CTF prizes after everyone I offered them to refused them as well.
Luckily for everyone interested in becoming a red teamer, there are plenty of other training platforms out there to pick from.
I had seen on Twitter a few weeks back (maybe a bit longer) about the TryHackMe Red Team Capstone Challenge. I remember seeing a lot of people not happy about things, but I didn't remember what they were because weeks had gone by and I wasn't very interested after reading the Tweets so I had purged it from my mind. A while later, a friend sent me a link and asked if I had done it. Having forgotten all the drama, I decided to look at it again.
I thought it might be fun to jump in and give it a try. OMG! Was I in for a roller coaster ride!
I clicked the link and was told that you had to be a paying customer to access it. Ah, yeah, now I remember some of the chatter on Twitter. But $15 for a month is worth trying. "Well it is cheaper than other options", is what I thought. So I paid the $15
That is when I noticed a 7 day streak was needed to join. Ugh. I now remember all the chatter about that. And I had a little knot of dispair in the pit of my stomache. Oh well, I can wait 7 days and do a little something while I wait to get access. And as it turned out, I submitted a question, got a single day, and then a few hours later, I suddenly got a new day (guess the time zone difference.) So I wasn't as sad.
I did some easy rooms, and I really liked the layout. I just loved the double screen stuff. Maybe I missed some 'intro' class, so I did have a small learning curve on some of the things I worked on. I started the Red Team Track and was enjoying what I was going over (mostly just the intro stuff but it was pretty good.) Finally I hit the 7 day streak, stopped the red team track, and jumped in. I had 10 days to go. Which was really 9, but I could handle it.
And that is when the trouble started. I read all the info, jumped in, and started. It created me an email account, that didn't work, so I moved on to another box. Then I was working on that, and suddenly stuff stopped. I had been checking the page to make sure the lab didn't expire, and something happened but and now nothing worked. I never hit the extend button because I had read to refresh the page first, which I had done and there was time left in the lab but nothing inside the lab worked. No web pages, nothing. So I logged off for the day.
The next day, I was working on stuff (my email worked the second day after I went into the portal and had it verify it), and suddenly the lab resets right in the middle of trying things. Yup, as luck would have it, the VPN box seemed dorked, or someone was dorking it, and people just kept spamming the reset button.
I did a little rage quit. Left the room and went to bed. Got up and joined again. Noticed that my network diagram had new IP ranges, and so I had to do a little work to change my payload loader so that it would work for the new range. Once I had my code changed, compiled, tested against A/V to make sure it didn't get caught, I started back on the challenge.
It took me a couple of days to figure out the phish. And that was a major pain. When I finally got a working text/payload combination, I sent multiple emails and got multiple callbacks from the same user. That was fun. So now I had one callback I could work from, and if something bad happened, I had one in reserve.
Once that phish was out of the way, the rest of the lab went super quick until the end. I hated the portal at first, but once I figured out things, I grew used to it and began to liked it. That was really cool and userful. And I liked the way the submission and verification worked. [Never tested the Hint option...wonder if I could go back and try it.] I will say that the whole `tier` stuff threw me for a while, but once I finally understood what was going on, it made a lot more sense.
After that, I went through all the boxes so fast it wasn't even funny. I had typo issues with commands, and took lots of time to enumterate and note stuff, but actually lateral movement was ultra fast. I did take the time to somewhat clean up as I went, so that burned some time. As a matter of fact, I was going so fast, I just dropped HTTPS payloads on every machine and never realized it until the very end. Glad that HTTPS worked all the way, but wow, that was kind of cheezy.
At this point, I will say, I have no clue if I did the intended route or not. There was really no way to tell if someone had changed things, or I just took a route the designer didn't account for.
So I get to the last two flags. I own every box in the environment outside the VPN and the Web server at the start (never went back to figure those out) and the final box (which may have been out of scope or should have been anyway). And I can't for the life of me seem to get the password for an account I need to finish the lab.
When I got to the end, there was one user account that had been created and an RDP session had been established to the box. So I went through the logs the person left me on the box. :) I noticed a few commands that were run, and concentrated on figuring out why those commands were run.
This lead me back to a box where I had tried to get stuff to work before, and it wouldn't. By this time, there were like 7 or 8 accounts on that box, and multiple people doing stuff. Stuff was changing fast.
I was kind of mad, but was trying to work around all the junk left on that one machine. I ran tool after tool after tool, but nothing. And then I noticed that 3/5 reset requests had been submitted. I figured that people were using that last box, something wasn't right and people were getting upset and wanted the lab reset (but that was just my fear at the time). But I had two flags left, and I didn't want to work back to the end goal even though it would only take a few minutes after a reset.
So I dug harder, and finally got what I wanted. I quickly submitted the last two flags, and slowly worked my way out of the environment cleaning off stuff as I went. It was fine for other people to leave massive amounts of stuff on the boxes, but I hold myself to a little higher standard. I did leave my text files that the portal had me create, because I was unsure of what effect deleting them would have for me. None, I am guessing because resets clear them, but better safe than sorry. And a reset was looming, so text files were the main footprint I left.
And I got this neat badge...
Maybe I will create a TryHackMe subpage, finish the Red Team track, and write a review. And maybe then I will decide if I like HackTheBox or TryHackMe better...or like both the same amount but for different reasons.
But that subpage and review will have to wait because I started https://maldevacademy.com/, and opted to create a new website to highlight malware development training and write my reviews there. https://www.malwaredevelopmenttrainingreviews.com/ I know it is part of red team training, but I wanted a specific spot to highlight the malware development path that I am taking.
And I will say that between Sektor7, Zero-Point Security, and MalDev Academy, I had absolutely no issues with anti-virus going through the Red Team Capstone Challenge.
I have been away from the blog for a while.
I did finish both RTO and RTOII. Both of those was amazing courses and the exams were fun.
I recently got the updated materials from Altered Security to prep for the certification re-up (once everything is finalized). If I get the time, I will review the new materials and move the training out from under the PentesterAcademy heading and under AlteredSecurity. I actually think the site is ready for a whole re-do in the future.
I may actually start helping K>FiveFour with their Battlegrounds infrastructure. If I do, and you sign up for a class, don't hesitate to say hello.
I actually want to sign up for https://maldevacademy.com/ and take that course. It looks really cool, and my co-workers tell me it is cooler than it looks.
It is now 7:02 am on 19 Nov 2022, the test has begun. I woke late and I feel horrible. I also have a feeling of not being prepared and so I keep thinking I am going to fail. But I am here and let us see how this goes. I just clicked the launch button so let's do this.
It is now 2:15 pm on 20 Nov 2022. I submitted flag 8 a little over an hour ago. WOW!
It was a really good exam and I had a ton of fun. Might have had more fun had I been feeling better, but I think getting each new flag helped me feel better and better.
Now I just gotta wait and see if they say I passed. But I have my review updated with my exam experience.
Yesterday, I signed up for the RTO exam and I will take it this weekend and post some thoughts afterwards. I was pretty excited because it is more time to practice with Cobalt Strike and get ready for the k>fivefour Journeyman exam that I will be taking soon. These two exams will be night and day different, but there are some fundamentals that are the same.
Today I was sitting at my desk, doing my job, and got a new Discord notification. That is when I saw that RastaMouse posted an @everyone message. There is a 20% off coupon code of BLACKFRI22 that is valid until Monday. So guess what I signed up for!
Looks like I will have to make a review for RTOII soon too. I want to finish that by the end of the year. So one month to go. That means I really need to pass the exam this weekend.
I have also been slowly going through the Journeyman class materials. There have been a few things that I thought might be new, but were just things I never made notes on and didn't remember. I have seen a few new things. Soon I will be doing the Battlegrounds lab work over and over and over and over again to prep for that exam.
Luckily the RTO and RTOII are going to help me along the journey to journeyman.
I just spent the last two days at >tradecraftCON_ listening to some amazing talks, hanging out with Ben Clark and Nick Downer (RTFM v2) and many other people from the conference. all of whom are passionate about the red team community. This was an amazing conference with a huge variety of talks and it included a 'red team' CTF hosted inside the k>fivefour Battlegrounds' environment and an after event social at a local establishment.
Speaking of Ben and Nick. Finally got my RTFMv2 signed and have a photo
Upcoming changes. As I get ready to retake the RTJC certification test, I plan to update the k>fivefour review sections with more information and some thoughts and feelings on the new training materials (this will probably include a new format for those pages and an 'archive' link to the reviews as they currently stand). Plus, I plan to upload some new photos of swag that I have picked up recently.
I am also going to pin a page to the top and put some of my personal feelings and recommendations for a path to go from zero training to Red Team Operator. I will probably redo/modify the pages from my 'recommended path' page so that they stand out a little better.
I haven't done an update in a while. Sorry. Things have been a bit crazy at times. First, I have a review of HackTheBox's Genesis Pro Lab for Enterprise Customers. Next, I started HackTheBox's Breakpoint Pro Lab for Enterprise Customers and wrote a tiny amount on it. I signed up for Sektor7's RED TEAM Operator: Malware Development Advanced - Vol.1, but I haven't even started on it yet.
I did start the process to attempt to retake the k>fivefour Red Team Journeyman Class exam. I got some new class materials to look over (version 1.7 versus version 1.1). There are some videos too (right now I see 11). I am going to go over the materials, and try and redo my course review. I will also upload some new photos.
I also got Nick to sign my Red Team Field Manual v2 (RTFM) on Monday, but I didn't have time to get Ben to sign it, and I didn't have my book today when I saw Ben. Maybe I will remember soon, and get his signature and then upload a photo of my signed book. Of course you can take a k>fivefour class and if it is in person, you might be able to get Nick to sign your book, and Ben if you see him.
I will try and get the updated k>fivefour stuff soon, but I might need a couple of weeks.
Red Team Field Manual v2 (RTFM) https://www.thertfm.com/ has been released. Yes, I do personally know Ben and Nick (k>fivefour RTAC/RTJC...see my reviews for more info), and I do recommend you check this out. 'RTFMv2 is packed with updates and is now available in softcover, hardcover (coming Aug 2022), Kindle, and a new note taking edition as well.'
I finished APTLabs and my review for it, and Zero-Point Security's Red Team Ops course and most of my review of it. I also started Zero-Point Security's Offensive Driver Development class, and I need to start Sektor7's Windows Evasion class that I bought a while back.
I was slowly working my way through Zero-Point Security's Red Team OPs course when some friends mentioned starting APTLabs. I very quickly finished up RTO's course worked and jumped head first in to APTLabs.
I am 75% done with APTLabs and hope to finish the other 25% fairly soon. Then I will try and write-up my reviews of both and post them.
Wow. Over a month later and I am just now half way through Zero-Point Security's Red Team OPs course. So far it has been good, but I haven't had as much time to dedicate to it as I wanted. Maybe by next weekend I will have gone through the majority of the content and I can have a review up shortly afterwards.
I have been spending a lot of my time on HackTheBox and enjoying it while finishing up the Endgames (which were very fun).
I signed up for Zero-Point Security's Red Team OPs class. Review will soon follow, but I want a little time to dive into the labs first.
I forgot to upload my update on 21 February 2022, but I left it in for this update. TL/DR: I made Guru! I was so exhausted after reaching that point, plus, I was so busy with life, that I forgot to post. I did finish Undetected and Routerspace, and a couple of all of the Fortress except that one flag in Jet that I haven't figured out yet.
Now I am going to work on some retired Endgames to get used to those, and then I will try the two active ones.
I submitted a challenge and rolled over to Guru on HackTheBox...WOW! That was a lot of work.
I have been pushing super hard on Hack The Box lately. A few weeks back I was able to place in the Top 25 on the box Scanned (Insane). Today I was able to place higher in the Top 25 on the box Acute (Hard). I learned some seriously good stuff from both of those boxes.
But I am still about 10% away from my goal to get Guru rank. It has been pretty hard up until this point, and struggling just to maintain rank added to trying to move up has been nothing short of brutal at times.
So I have a LOT more learning to do, and more challenges to complete, to keep pushing through that final 10%. And if/when I make Guru rank, I plan to take a freaking well earned break. In the meantime, I have some really cool things to learn!
Happy New Year everyone. The journey to Guru on Hack The Box has been hard...very hard! I also found a little time the other day to sign up for The Cyber Plumber's Lab at The Cyber Plumbers Handbook. I do feel that having a WIDE variety of tunneling experience is a critical skill to have as a Red Team member.
After I finish the lab, I will write a small review, but since it isn't a full Red Team type course, I *probably* won't dedicate a page to it. That might change, but for now the plan is just a blurb on this page.
New Year and New Goals. I am working to come up with enought spare money to sign up for a course later this month, and then maybe one more before the end of the year.
I thought I was going to get Elite Hacker by starting/finishing Toby, but I am stuck pretty badly on that one. It is one of those times where there must be a gap in my knowledge that is keeping me from progressing, or either I reached a point with it that I was exhausted and not able to think straight. So I found a challenge that didn't seem too bad, and I finished that, but it didn't get me to Elite Hacker status.
At first I thought that I was going to have to figure out root on Hancliffe and was not looking forward to the headaches I would have from that one, but when I was going through the machine list, I realized I had overlooked Overflow. Look at my last update, and you can probably guess that I mentally blocked out Overflow. Overflows and stuff like that are not *YET* my strongest skillset. But, I was listed as a Hard box and not an Insane box, so I pressed the spawn button and waited for the box to spin up. A few minutes later and I started getting excited because it looks like the person that created the box left big hints.
Then I spent four hours waiting on a task to finish and when it did, the results indicated something was wrong. Checked my files and one of my applications spit out a format that it was not supposed to. I still don't know how that happened, but I went back and manually added some stuff, and started the process again. An hour or so later I am realizing I made a mistake. Corrected my mistake and suddenly I am moving forward, and then I have a shell on the box and see my path forward...
It didn't take long to find what I needed (shout out to the creator for not making that harder than it could have been), and boom, I had the user flag. I submitted the flag, and it was accepted. When I checked my stats, I had gone from 100 to 101 place, but I had finally reached Elite Hacker status and was working toward Guru.
This has been a super fast, brutal journey toward Elite and I shudder to think about pushing that hard to try and reach Guru. I still need to finish a few of the Fortress labs, and I have a ton of challenges to go, but there are some of those challenges I have started and just stopped and moved on from. And some challenges I thought I had working locally, but, when trying them out online, nothing seemed to work so maybe I will go back to those later.
All I will say is that I will spend the rest of December in "slow going" mode and push forward, and then I will start the new year with the Sektor7, TCM, OffSec and maybe the Zero-Point Security classes. 2022 is looking to be an amazing year already!!!!
Ugh!!! On second thought, I am going to dedicate 2022++ to learning reverse engineering, exploit development, antivirus evasion, strengthening my web assessments skills, and strengthing my programming skills overall. I signed up for a few classes over the Thanksgiving holidays, and will start those soon.
Trying to reach Elite Hacker status on Hack The Box is a heck of a lot harder than I thought it was going to be. I am always amazed at how different some things are now versus when I first started my journey in offensive security, and how some things seem just as hard as they were or at times even harder. And no matter how much I learn, there is always much much much more to learn!
I have done more code review in the past two weeks than I ever expected to do in my life. I have written more code (Python and Bash) in the past few weeks than I thought I ever would (luckily I can reuse previously coded stuff to speed things up, and there are so many examples on the web of how to do things that it helps a lot.)
I have dedicated a LOT of time to this effort. Many thanks to those who have stepped up to provide some hints, when needed, along the way. Maybe one day I will not have to ask for any hints, and can do it all by myself without even having to look at my notes; but, until then, I will continue pressing forward and learning as much as I can, because, after all, that is what it is really about...the learning.
If I make it to Elite Hacker status (or even if I don't), I am going to take a break and spend a few months on doing nothing but reverse engineering, exploit development and antivirus evasion. I need to strengthen areas that I am not that strong in, so, if you have any recommendations for training other than that already listed on this site, please let me know at redteamtrainingreviews @ redteamtrainingreviews.com
My rank is slowly decreasing, but I still have a very long way to go and I have gotten a LOT of the low hanging fruit so the real grind begins ... but you can watch my badge and maybe one day it will flip to Elite Hacker (if my brain doesn't implode from too much knowledge before then):
A few friends and I signed up for a CTF competition a short while back. None of us had as much time to invest into the competition as we would have liked, but we placed in the top 10 which I don't think was too bad. However, I realized that I had let a few of my skills get rusty and so I decided to go back to Hack The Box and try and few machines. After a couple of boxes to get me back in the groove, I decided to see if I can progress to Elite Hacker. I have spent a LOT of time working my way through a few boxes, and I have had a lot of fun doing it. I have identified a few weakness in my skillset as a result of this journey so far, but I have made a note of it and will work on strenthening those skills in the coming months.
So for now I am concentrating on finding a new, stable job, brushing up some skills, and figuring out my path forward.
I got a chance to alpha test the Yaksas CSC Red Team Adversary Emulation course lab, which means I had to rewatch some of the videos as I worked my way through the exploit path. I am still very impressed.
I did not start back on TCM Security's Windows Privilege Escalation course, instead, I received an email about a course I had never heard of. Yaksas CSC has a Red Team Adversary Emulation course, targeted toward beginners, and it was a great course. It was super easy and fast and I started and finished it this weekend. Check out my review, then check out the course for yourself.
I had planned to sign up for the Red Team Ops course so that I could force myself to use/learn a different C2 platform, but then I saw where the course is moving to Cobalt Strike, and using SnapLabs to host their labs... Well, now I am seriously saving up some money to sign up for this course.
The Cybersecurity & Infrastructure Security Agency (CISA) has released the Cybersecurity Workforce Training Guide. If you are currently (or plan to be in the future) a federal, state, local, tribal, territorial (SLTT) staff and are interested in cybersecurity, check this guide out at: https://www.cisa.gov/publication/cybersecurity-workforce-training-guide.
In other news, I had to stop watching TCM Security's Windows Privilege Escalation course when other events came up, but I hope to pick back up on it this weekend. I enjoyed it up to the part where I had to stop, so the remianing portions should be good as well. Then maybe I can get that reviewed and posted. I also need to write a quick review of Sektor7's Windows Persistence course.
Finished my review of TCM Security's "Movement, Pivoting, & Persistence" course, and posted a little review of it. I have already started the Windows Privilege Escalation course, and I am not going in to this course with any preconceived notions.
Hmmm, so I got a 50% off coupon from TCM Security and went ahead and signed up for TCM Security's "Hacker Bundle". Looks like I have more training to do over the weekend. At least it is a long weekend. So stay tuned, and I will let you know how it goes.
I signed up for TCM Security's "Movement, Pivoting, & Persistence" course. It was a very afordable price ($29.99), and only a few hours worth of training (5 hours), so it should provide something to do over the holiday weekend. Hopefully I will finish and write a review this weekend.
In other news, the flags on my GitHub page have been removed (GitHub also explained to me why it flagged in the first place) and so I can start adding content back to https://github.com/redteamtrainingreviews. I still may create a place on this site to host stuff as well, but for now this will do. But I guess I have to recreate all the subpages and find the code that I had been planning on hosting there.
I passed the PentesterAcadmey PACES certification exam. It was a very challenging, and rewarding, certification exam. All of the PentesterAcademy training that I have taken is top notch, and the price is very affordable (especially when paying out of your own pocket).
I just found out that my GitHub page was flagged and hidden, but I don't know why yet. I moved the 'OpenVPN Menu' script to my misc-notes repo and deleted all the other repos. I probably won't create specific repos, because what I planned to post was going to be generic scripts that made my life easier and just put them under the class I took when I wrote them (and truth be told, I usually take the generic ones and edit for specific things after I write them the first time.) If I ever get more free time, I may just host scripts on this site and not deal with Github at all, OR, I may create and sale a really cool PDF of things I do in these classes that I find other people do not do and makes things much simpler.
You can now e-mail redteamtrainingreviews @ redteamtrainingreviews.com and reach me with questions or comments.
I signed up to retake the PentesterAcademy PACES exam. That weekend is already starting to fill up with other life issues, so I don't know how well things are going to go. In other news, I finished the Sektor7 RED TEAM Operator: Windows Persistence Course and I got the CoC, but for some reason I didn't upload the review like I thought I did and so I will have to go back and find my notes and update that page.
Final note: Taking a non-red team job has been exceptionally hard for me. That being said, I have been planning the order of red team related training courses that I want to take to fill the void created when I quit my last job. I will try and keep my skills current, and I will try and give back to the community that has given so much to me.
It is a very sad day for me. For the second time, I have left a job working with along side a great group of people. The first time I left due to health issues, but this time I left due to money. Hopefully, in the near future, I will be able to afford some of the training classes that I have been wanting to take. And, as I start a new chapter in my life, I am going to try and push myself to branch out more and more and give a little back to the community.
Today I created a GitHub page. Check it out at https://github.com/redteamtrainingreviews I am going to be putting some of the scripts that I have written during these training classes that have made life easier for me. I am also going to work on a blog to highlight some of the TTPs that I have come up with while taking these training classes (specifically things that I did that others I have talked to didn't do and that I think may be helpful).
Having left Millennium Corporation, and the DoD Red Team community, I would like to state, for the record, that my views on the k>fivefour training are unchanged. It was very different from other training that I have taken, and highly relevant for the environment I was in. Maybe one day I will get to revisit the Journeyman course and test. And if you end up taking their training after seeing this website, please don't forget to tell them RedTeamTrainingReviews said "Hi!"
I have decided to attempt the GCB PACES exam again, and then I will possibly take Zero-Point Security's Red Team Ops course. These will most likely be my last red team oriented training/certifications as I will be leaving the red team community soon and will transition in to new and exciting career adventures. I have written some custom tools based off the k>fivefour RTJC class and the Sektor7 classes to prepare for PACES, and I plan to try harder on the GCB exam than I did the first time. (I will also sign up for and take the new Sektor7 class when it releases in May and write a review for that too.)
I just wanted to post to say that I might not be posting full reviews for a while (but I will probably go back and update some past reviews.) I also might sign up and retake the GCB exam (PACES) again, and if I do, I will update the review page. As soon as I get enough money to start taking more training, I will start posting more reviews, but I am not sure when that will be.
Well, the new year is upon us, and I have mostly finished Hack The Box - Dante. I have written the review for it and updated the page. Check it out if you have a minute, and if you are new to penetration testing and red team training, this might be a pretty cool place to start. In other news: Offensive Security released (EXP-301) Windows User Mode Exploit Development (OSED). After attending the "OffSec EXP-301 AMA Webinar", I am torn as to if I should take PEN-300 first or go in to this. I guess it will really depend on if I can get my employer to pay for it. I've have also added some links to new training sites that I have found.
I wish everyone a very happy happy new year. 2021 is only hours away!
I wish everyone a very happy holiday season, and hope everyone stays safe as the year draws to an end. As for my previous commments on INE/eLearnSecurity...I think I made a mistake. So I am guessing that the e-mail from INE that my downloadable content was for some really old CCIE stuff that I had forgotten about...I saw nothing to indicate it was for the eLearnSecurity content. I have broken the links for the eLearnSecurity reviews since there were no reviews and now the classes are found under INE and the certifications are under eLearnSecurity. Also, as well roll in to the new year, I am looking forward to the new classes and the deals that Offensive Security is going to be releasing. 2021 here we come!
I uploaded some CoCs that I hadn't gotten around to uploading yet. Also got an e-mail from INE and here is what it said: "Our records indicate that you purchased an INE course for download. Unfortunately, we will no longer be storing these course downloads on our platform after December 31, 2020. If you would like to save your course to your computer, please log into your account before December 31, 2020 and download it." I keep looking for good news in all these e-mails that I keep getting, but to me it all seems to be bad news and it seems to get worse with each e-mail. Their 'section' of this website is now scheduled to be removed as of December 31, 2020.
Sektor7 sent out an e-mail about Black Friday specials. All prices were reduced by $30 and no coupon was needed. Having just finished the Sektor7 "RED TEAM Operator: Malware Development Intermediate Course" review, I figured it was time to give the RED TEAM Operator: Windows Persistence Course a try. So I purchased the course, and then I got an e-mail about an hour later that the sale would go on all week (until the end of Sunday, December 6, 2020.) If you have been thinking about taking any of these courses, now is a great time to purchase them at a discount. I also missed that they offer a Certificate of Completion upon request. So I have requested CoCs for the courses I have completed and will add graphics to those pages as soon as I get the CoCs.
Happy Thanksgiving everyone! I added information to the Sektor7 "RED TEAM Operator: Malware Development Intermediate Course" review. I really enjoyed the second class as much as the first. I learned a lot during both of the Sektor7 courses, and I am looking to gain more knowledge on that subject. Plus, I hope to purchase the other Sektor7 training courses soon and write reviews on them. I have also updated my thoughts on INE/eLearnSecurity on the eLearnSecurity landing page, and, due to the way I currently feel toward them, I will probably remove that section early next year (unless something changes my mind between now and then). I am also waiting to get a little more information on Silent Break Security's Dark Side OPs before I update that subpage.
I added a little bit more information to the Sektor7 "RED TEAM Operator: Malware Development Essentials Course" review. I really enjoyed the class, and I am starting the Intermediate course.
Happy Halloween! I have made a few updates... I have started creating subpages, with a little information and links to the training provider's page, for the training listed on the lower right hand side of this page. I also had some free time this past week and have gone through the Sektor7 "RED TEAM Operator: Malware Development Essentials Course" and started my review of it. Plus, I also purchased Sektor7's "RED TEAM Operator: Malware Development Intermediate Course" and plan to start the course and review soon. Recently, I have also gotten a LOT more information on Silent Break Security's Dark Side OPs course and, since the class seems to be pretty amazing, I may add some of my thoughts to that subpage (and do a full review if I get to take the class in the future.)
I finished Hack The Box's Cybernetics, and I have updated the review section for it. I am also debating on what training class I plan to take next (but right now I don't have the funds for any training so maybe I will just work on some updates for this site!)
I finished Hack The Box's RastaLabs, and signed up for Hack The Box's Cybernetics. So I have also added a little to the review section for Cybernetics.
I am actually recovering faster than expected and am almost back to normal typing...almost, so there might be typos. I updated the site a little, added a course I forgot about, which was Virtual Hacking Labs, and I am working on the links pages where I hope to provide a huge list of training course for you to choose from. Some major updates to RastaLabs and some minor updates to AWAE. Oh, and check under Offensive Security's subpage for a link to their new Proving Grounds (in case you haven't seen that yet.)
I am about to have a short period of down time (probably no updates for September unless I learn to type with my left hand only) and so I was looking for stuff to do after my AWAE time expires. I was thinking about CTP. I happen to see the Offensive Security news release, very shortly after it was posted, about the retirement of the CTP and the changes to the OSCE. Read more about that here! As I do not feel I will be able to afford the class before it expires, and getting back in to AWAE this month has been very slow going for me and the idea of retaking that test in the next year or so does not sound like a good idea, I am thinking of removing the CTP page from my Offensive Security subpage, and possibly giving up on future Offensive Security training (yeah, that probably won't happen, but still), and trying to find something else to fill my time. (I did find a few new sites that offer "Red Team" training, and I will be updating my page to include them soon.)
My frustration level last night hit a high point while trying to get some time in the Offensive Security - AWAE class. It didn't have anything to do with Offensive Security or their labs... it was my Kali Linux VM that kept freezing over and over again and requiring a reboot and then required me setting everything back up in the lab before it froze again and I had to start over. So, I updated my Kali Linux VM, shut down for the night, and decided to take a break tonight and also take one of my co-worker's advice (which was to update RTJC while it is still fresh in my mind.) I had kept notes during the class, but just never moved them over.
Updates as of 02 August 2020
I added to the Offensive Security - AWAE class to capture some of the feelings I remembered from my first time and some of the differences this go around.
Updates as of 01 August 2020
I added to the eLearnSecurity section while I am waiting on my new AWAE class time to start.
Updates as of 26 July 2020
I already had most of the Attacking Active Directory with Linux Lab review written, and part of the CyberWarFare Lab review written. So I copy/pasted the review into their place holders, and added the formatting and then did a little editing and adding and got both reviews up. Although I need to go through the entire site and review for spelling and grammar, at least the gist of what I am trying to say is there.
Updates as of 24 July 2020
I signed up for the Attacking Active Directory with Linux Lab from PentesterAcademy and have been working on that review. I am almost done with the third path of CyberWarFare Labs and have been working on the review of that as well. I have also added a section for Sektor7 training, and I have the Malware Development Essentials course, but I only watched the first video and got side tracked. PLUS: I am working on a review of the k>fivefour Red Team Journeyman Training course. Please bear with me because I also start 30 days worth of the updated AWAE class from Offensive Security. They added 50% more content, and I wanted to get the upgrade and go through it. Oh, and I also started back on RastaLabs, had a much better experience this go around, so I need to get around to updating that review soon too.
Updates as of 14 March 2020
New stuff added to the RTAC k>fivefour training page (cool new swag.) Updates to the "Hack The Box" Offshore (after the most recent update) and RastaLabs pages. I also finally got around to taking the PentesterAcademy GCB Exam and wrote a little about that (I didn't complete the exam.)
Updates as of 20 January 2020
The new year has started out at a crazy fast pace, and my whole site revamp is stalled so badly I think it might go in reverse soon. I have, however, taken a few minutes to add data to the "Millennium and k>fivefour" site to reflect their new course offering: Red Team Journeyman™ Course. And a little more on the "Hack The Box" Offshore page.
Updates as of 01 January 2020
New Year! New update. The holidays have been busy, but I have gotten to invest a little time in Hack The Box's Offshore labs. I wrote a quick blurb so I can say I updated this site, but I hope to get back in the swing of the site re-working. And if you are wondering, my New Year's Resolution is the same as my everyday resolution: 1) To Learn New Things and 2) To be better tomorrow than I am today.
Updates as of 14 December 2019
OMG! I finally finished GCB and the last few sections were well worth the entire cost of the course alone. I updated the review a little, and am still working on the site revamp, but that is going slower than expected due to getting ready for the holidays and some time sensitive projects I need to complete.
Updates as of 08 December 2019
I am in the process of re-working the entire write-up sections for each review. I want to change the way I have presented information. More facts on the top, and then my ramblings at the bottom for those that want to read them. I think it will also help the reader compare training details so they can decide where to spend their hard earned dollars.
Today, however, I have updated a few pages in preparation of the re-working, and I added more to the GCB review.
As far as a potential RTJC class on the horizon... I saw a post on social media that the new RTJC course test was brutal. Two days! This isn't two days taking the test from the luxury of your home, but two days sitting in a class room with other people who are also taking the test. I'll bet it will be amazing, but brutal, when it is released!!!
Updates as of 15 November 2019
Made a few updates to the GCB Lab review. As of today, I am mostly done with Section 1 - 6, and I am getting to the sections that I really want to do, but, alas, I want to revisit Section 6 again this weekend so maybe over the holidays.
GREAT NEWS: I saw some chatter online this past week that indicates k>fivefour is working on the Red Team Journeyman™ Course (RTJC). Keep your fingers crossed that I eventually get to go, because I am crossing my fingers and toes crossed. And please keep your fingers crossed that I get the same teachers I had for RTAC!
I really want to see how this compares to the Pentester Academy classes.
Updates as of 11 November 2019
New update to the GCB Lab review. A minor update to another page. It has been a while, but I have been putting a lot of time into the lab, and I am not even halfway done.
Updates as of 24 October 2019
I am still having a blast in the GCB Lab. I learned several new techniques reading the PDFs and watching the videos, and now I am getting to use those techniques in the lab.
I haven't done much updating lately, but I have added a few tidbits here and there..
Updates as of 18 October 2019
I uploaded some photos, but I haven't done much writing/editing of the reviews as I have been a little more busy than normal.
I started GCB and have been through the videos. I have learned some really cool stuff, and gotten some time in the labs to put that learning to the test.
Updates as of 09 October 2019
I am still working on the PentesterAcademy reviews, and adding to the RTAC review, plus I took the PentesterAcademy Active Directory Lab exam not too long ago.
I will start PentesterAcademy's GCB Labs very soon, so I hope to write about it as I progress.
Updates as of 03 October 2019
I've made some progress on the Millennium Corporation and k>fivefour RTAC course, but I still want to add more to it.
I've also started on the PentesterAcademy reviews.
Updates as of 29 September 2019
Millennium Corporation and k>fivefour - Red Team Apprentice™ Course (RTAC)
I am currently working on my review of the RTAC class. I hope to have this complete soon and will then move to some of the PentesterAcademy courses.
Reviews of Red Team Training courses (and some penetration testing courses too) that I have taken. Copyright © 2023
Contact: redteamtrainingreviews @ redteamtrainingreviews.com