Profile Picture

My Journey Through the Certified Red Team Specialist (CRTS v2) Course

After successfully completing CRTS v1, I decided to take on CRTS v2 by Cyber Warfare Labs. This blog post will document my journey as I work through the course material and prepare for the hands-on exam by the end of March.

My Experience with CRTS v1

In the previous version of this course, the lab covered the following scenarios:

  • Red Team assessment in a Nuclear Facility
  • Covert operations simulating a nuclear meltdown
  • Following the Red Team cycle in multi-segregated networks
  • Three unique attack paths mapped to MITRE ATT&CK for Enterprise

Profile Picture

To earn the CRTS badge, I had to complete all three attack paths and successfully exfiltrate a critical file from one of the servers. The proof of completion was a screenshot of the file contents, which I had to share with their support team.

Profile Picture

While the lab was immersive, I faced some technical bugs that required back-and-forth communication with their support team. Despite these challenges, I managed to complete it and earn my shiny CRTS badge. (Check my Accredible Badge here )

First Image Second Image

CRTS v2 – What’s New?

Profile Picture

The CRTS v2 course and lab introduce updated real-world attack scenarios, including:

  • Adversary simulation in an Electric Power Grid facility
  • Active Directory (AD) Domain & Certificate Services, Exchange, SSO, MFA & VDI Exploitation
  • Following the Red Team cycle in multi-segregated networks
  • Two unique attack paths mapped to MITRE ATT&CK for Enterprise

Profile Picture

To earn the CRTS v2 Accredible badge, I will need to pass a 24-hour hands-on exam, followed by submitting a detailed exam report within the next 24 hours. A 70% passing score is required to obtain certification.

Profile Picture

Why I Chose CRTS v2

Although I already earned CRTS v1, I decided to take v2 because of its updated content and real-world relevance. The lab case studies are modeled after the MGM attack (September 2023), making the course even more relevant to modern Red Team engagements. (You can read about this article here )

Profile Picture

During the launch webinar, the course author discussed cybersecurity predictions for 2024, highlighting emerging attack vectors such as:

  • CI/CD supply chain attacks
  • Exploiting remote access services
  • Targeting enterprise-grade software for payload/phishing infrastructure
  • Hybrid & multi-cloud attacks
  • Sophisticated & stealth attacks in on-premise environments
  • Rise in MFA-based attacks
  • QR code-based hacking
  • Use of GenAI tools for chained attacks

Profile Picture

Given the cutting-edge topics covered, upgrading to CRTS v2 was an easy decision—especially since past CRTS v1 holders were offered an upgrade for just $49!

My Future Plans

Once I complete the CRTS v2 exam, I will write an updated review comparing it to other cybersecurity certifications in terms of content depth and exam difficulty. Since the course has a strong Active Directory focus, I will also compare it to Altered Security’s CRTP and CRTE, which I have completed.

Interestingly, I recently read a blog post from one of my LinkedIn connections, where they compared CRTS v2 to OffSec’s OSEP. Given OSEP’s significantly higher price, this comparison makes CRTS v2 even more appealing. (You can read about this article here )

Stay tuned for my CRTS v2 exam experience and final review!