
Review of PentesterAcademy - Attacking Active Directory with Linux Lab

These are my personal opinions based on my background and training experience.





Course Format:

This course is online.


Course Materials:

The course materials included videos (instructional as well as walk-throughs), slides, and a lab manual.


Class size:

The class/lab is just for you and is not shared. You do have to click a button to build your lab for the first time (then you just start the lab when you want to use it each time after that), and you have to stop the lab when you are finished using it (there is an auto-stop feature that stops the lab after a period of no activity, but that feature can be disabled and possibly expend all your time if you aren't careful).


Lab Environment

The lab environment is NOT shared with other students.


Estimated cost:

At the time of this review, the course prices were listed as follows (Check the web site for actual prices!)

30 Hours $149.00 USD


Course overview:

This course will teach you how to attack Active Directory from a Linux based host instead of attacking from a Windows based host. The target machines are all Windows Server 2019 and it is a fully patched AD environment.


My motivation:

I had just gone through some down time from training, and was starting to look for something new. Plus, I really wanted to access a new environment to test out a few things. I figured that this would be an easy course to go through, and I wasn't expecting to learn anything new (boy was I wrong on that part.) I also didn't have the thousands of dollars that I wanted to take a more expensive course, so this course met all my needs.



My review:

I received an e-mail from Pentester Academy that they were releasing a new lab called Attacking Active Directory with Linux.  The e-mail listed that this class was a beginner friendly course, and people who already knew the information should look at one of the other three labs, but it also said that basic Linux commands and basic understanding of information security concepts were needed for the lab.

When I clicked on the provided link to check the class information, there were a few things that stood out from the start:

"Attacking Active Directory with Linux (LinuxAD) is a training environment and playground. Students get access to dedicated lab setup (not shared with other students). The lab contains a Linux based machine to execute attacks and a target AD setup. The target AD is a fully patched AD environment with all Server 2019 machines."

"There are 30 flags to capture across various categories."


As I am running low on training funds, I checked the price. And the price wasn't bad. The website says that it provides 30 hours to be used in 30 days. After reading that, I figured one flag per hour and hopefully the flags are pretty easy. I also figured if it didn't average an hour to get each flag, then there would be time left over to experiment in the environment.  With roughly 13 learning sections, I thought that those flags were probably scattered around fairly well.

I was hyped up and ready, so I clicked the sign up link, and I registered.


Small side rant here:

I know that a lot of people are going to look at my past and question my motivation for taking this class.  So let me briefly explain my thought process in a little more detail than I did above.  I work a job that requires me to maintain a certain number of training hours per year and the training has to fall within a specific subject area.  I have not had any issues in the past with submitting training hours from offensive security classes/labs/etc., so I always look for offensive security training.  And since it is job related, I am always able to justify to myself a new training opportunity... BUT, most importantly, I need to constantly use these tools and techniques to keep them fresh in my mind.  Yes, I have set up my own environment, but then I know what I have set up and am just typing commands with no thoughts.  Yes, I have used an environment that someone else set up, but again, if it doesn't change, I am just typing commands with no thoughts.  So to keep this fresh for me, I do things like sign up for new classes (easy or hard it doesn't matter I just need something new) and I get experience in an environment that requires me to think and not just copy/paste commands or type commands from memory.  And the older I get, the more I need to keep using my skills in any 'down time' I get.  Plus, it keeps me from going home, and playing video games all night every night (but I do play video games and do other things too.)  Everything in moderation, right?  (Maybe I will reach a day when I don't need to do this, but that isn't today.)  {And just as an aside, I don't limit myself to just offensive security learning, I try learning new languages, defensive skills, or pretty much any new skills that might be computer or life related, etc.  I love learning and push myself to learn/do new things.}


Now back to the course review.

I paid the money and had a response within a short period of time (it looks like a few hours... but they say they will respond within 24 hours, so I went to bed after paying and the e-mail was there when I woke up the next morning).  I opened the e-mail and got a link to access the course content.

When I logged in, I was greeted with a really well laid out screen showing me what to do to set up my lab access.  I skipped that for the time being and started looking at the course content, and going through the available options.

I clicked the Flag Verification link.  To me, everything was straightforward.  They told you what flag to submit in each block.  Cool. Next I clicked the Course Videos link.  14 videos ready to play. I clicked the Walk-through Videos link.  Oops.  Not the time to start clicking and watching all 18 of those videos.  So let's move on. I then clicked on the Lab Manual link.  The manual pops up in the browser.  The start of the table of contents looks good, there is some important information about the lab at the start, which I skimmed, and then I start scrolling down faster to get to the content.  The content was looking great.  Then I saw something about capturing the first flag (I had seen the word flag in the table of contents but was scrolling too fast to pay much attention).  Stop.  Nope, back up for now.

But a quick note here.  To be brutally honest, I really wasn't expecting to learn anything new in this course, but I was *hoping* to learn something new.  As I did my super fast scroll, I caught a PowerShell command that I was not familiar with, and went back for a closer look.  I normally gather the type of information that this PowerShell command collects using a method that can be overwhelming with all of the output, but this command has the potential to be so much more.  So I am going to be learning at least a trick or two.  Guess you can teach an old dog new tricks.

Course Slides is the next link to be clicked.  Just like with the other Pentester Academy classes, these slides are amazing.  They have the same look and feel and so if you like the other slide decks, this one will not disappoint. The Frequently Asked Questions link was the next on the list for me to click on.  It had 18 questions and answers and it answered a few questions that I had been getting ready to ask.


As a small note: there were links at the top of the page for me to click if I was having trouble accessing the content in my browser.  So if something isn't rendering in the browser correctly, then having other options besides switching to a different browser was very thoughtful.  I can tell a lot of thought went into the design of this course.

So I jumped right in to watching the videos and following along in the slides. And a few videos/slides into the class, life decided to put a pause on my training, and I spent almost three weeks not getting to do anything with the class because my job was paying for me to attend another course.  As a result, this review isn't going to be what I wanted due to lack of time.


I failed the certification exam that I had taken for the course I attended smack dab in the middle of this course, and I was a little down over the whole thing. Not because there was some super technical thing that I missed (I would have been okay with that), but rather because I lost my focus several times and time management (which I still have problems with on almost all certification attempts these days) got the best of me. Luckily I was running out of time in this course, and I needed to put a little time and energy into it to keep me from dwelling on the exam failure.


When I was done with the other course, I came back, clicked the button to set up the lab (which takes a little time, but they tell you it will take a little time), connected and started stepping through the lab manual.  The steps were well written and easy to follow.  I didn't have any connection issues, and, having used a similar setup with GCB Labs, the GUI was very familiar and very comfortable to use.

Using msfconsole was not new to me, but then again, I rarely use it, so getting a chance to go through the course using that, well, it was really neat. [I've used Covenant C2, PowerShell Empire (and I hope to get a chance to use SharpC2 in the future) so the concepts are all similar.]

I was making steady progress following along with the manual, because I didn't have enough of my 30 days left to wing it (I still had plenty of those 30 hours left), and I was learning some new tricks. {And here I was thinking there would be nothing new to learn... and I had already made note of several techniques for later use.} And then it struck me that I had a perfect test for one of these new tricks (I was having a horrible time in another lab, and had just about convinced myself to drop that lab, when an idea struck me and I pulled a trick straight from the lab manual, went to the other lab and instantly gained access to a machine that had been eluding me for a while.)  So having added new techniques to my tool belt, well this was well worth the price paid by itself, but it was far from the only thing I have learned and since used.

I continued to move forward in the lab, following pretty closely to the guide, and reaching/submitting each flag as I went. I never ran into any hurdles, or encountered anything too difficult, and finished the lab with plenty of hours to spare but not many days to spare.

Having added a few new tricks to my knowledge bank, I was pleased with my progress and the course content, so I submitted the last flag. I got a certificate of completion shortly after submitting all the flags, and I got to practice using a C2 platform I rarely use.  Win, win, win.


Misc:

I didn't have any troubles with the servers or anything else during my lab time.


The Exam:

There is no certification exam at the present time. There is a certificate of completion when you submit all flags.






My two cents:


If you are new to Offensive Security, or new to Active Directory attacks from Kali Linux, this is a great starter class. The price is right, the materials are great, and the course is paced just right.  Follow this class quickly with the Attacking and Defending Active Directory course from PentesterAcademy for a better experience. Oh, and if you have lots of red team experience, don't make the mistake I made and think you can't learn new tricks from a beginner course!






Copyright © 2024
