Home

Review of TCM Security Academy - Movement, Pivoting and Persistence

These are my personal opinions based on my background and training experience.



Course Reviewed


Course Format:

This course is online.


Course Materials:

This course materials included videos, a zip file of tools, various links, and there is a discord channel that you can join to ask class related questions.


Class size:

The class is just for you and is not shared.


Lab Environment

There is no lab environment that is provided, but there are step by step guides that mostly explain how to download trial version software and set up your own environment, plus there are two pre-configured OVA files that you can download and import in to your environment as well.


Estimated cost:

At the time of this review, the course prices were listed as follows (Check the web site for actual prices!)

$29.00 USD


Course overview:

The course has 5 hours of videos covering topics such as username and password list generation, passwrod spraying, phishing, C2, routing, port forwarding, SOCKS proxies, and other topics as well.


My motivation:

I know movement and pivoting inside a network is a touchy subject for some people, and I always look to learn new techniques.



My review:

With a long weekend ahead of me, I jumped online and started the course. I was excited to see what the course offered and movement and pivoting techniques are always fun to learn. My excitement dwindedeled as I saw that I hadn't read the course description well enough to see that you will build your own lab. And then I quickly burned a whole day setting up the virtual lab (downloading ISOs, installing, letting them update, etc). It was a very painful process, but I am not here to review that part of the course. And once you have your lab built, you can do other experiments in it, so I consider it time well spent, but I just wasn't expecting it. Again, I did not read the course description very well as you will see time and time again in the review.

Quick note on the audio...see the Misc section for more details... you may need to adjust your audio levels throughout the early portions of the course.

And on a personal note, the more I use Virtual Box, the happier I am that there are multiple virtualization platforms! It gives you the chance to use different platforms in different situations.

One other note: I got to the first videos talking about Covanent... now that I don't use Cobalt Strike all the time, hopefully it will make using other C2 platforms easier.


When I saw the title "Movement, Pivoting and Persistence", I was expecting something a whole lot different than I got. I probably should have read the course outline, but for the price, I didn't really bother. The course started with lab setup, a tiny intro to C2, and then it went in to gaining a foothold. With the foothold in to the network, enumeration was the next topic covered and then it touched on persistence. The final hour or so looked like it would cover the topics that I expected to course to be about, but oncce I watched those I realized it wasn't what I thought. I always tell people that I think differently than everyone else and this is a classic example.

I always ask myself, did I learn something in the training and if the answer is yes, I feel the training is worth it. So did I learn something? Yes. I learned a couple of new ways of doing things (and while the videos go over a much harder way to do those things...knowing how to do things multiple ways is a critical skill and can often be the deciding factor for success or failure in an engagement.)


If you are new to security, this is a good series. If you want to see Covenant vs Metasploit, this is a good series. If you have a weekend to burn and want to spend some time seeing how someone else does enumeration, go for it.

Here are my recommendations. Purchase the course on sale, watch the videos, and for every technique that is presented, Google an alternate way to accomplish the same task (for example, adding a machine to a domain and things like that.) Find other ways and see which works best for you. And by doing the research for yourself, you will understand the topics better and you might find a method that you like better and at the very least you will know a couple of ways to do the same task.



Misc:

After starting the first video, and adjusting the volume to get things at my prefered audio level, I noticed that some videos had really low audio and some had a odd far away sound. So just be aware of this and realize you too may have to adjust your volume controls with each video. Later in the series the audio seemed to stabalize.


The Exam:

There is no certification exam at the present time. There is a certificate of completion when you complete the course



CoC



My two cents:

It was my fault for not looking closer at the course description. But for $29 and only five hours of time (that turned out to be a lot more dealing with the lab setup and testing) it was ok. And from the title I expected there to be more talk about how to move around in the network, and how to travel several levels deep in the network (like having say four or five systems but on four or five different networks and each machine only being dual homed. Then you gain access to the first system and show how to tunnel through the network to the end system, with and without a C2 and not just multiple C2s.) Anyway, I learned a few things and did some really cool experiments on my own with the lab environment that was setup for this class (it saved me spinning up my other environments).







Copyright © 2024

Contact: redteamtrainingreviews @ redteamtrainingreviews.com