(Good) certifications should not only serve as a marker of acquired skills and proficiency in those skills. No, much more, they should provide material that is easily digestible and at the same time conveys all the knowledge that it seeks to convey. They should feature a final exam that provides a (preferably fun) challenge that can be overcome with the information provided in the course.
Since I already acquired a handful of certifications and am planning to acquire more in the future, I decided to report on my experiences with some of them.
In June 2023, I completed the Certified Red Team Operator (CRTO) exam.
I learned a lot about Active Directory exploitation and
about how Command & Control (C2) frameworks work.
I also learned a bit about bypassing defense mechanisms and evading detection.
This is my (mostly spoiler-free) review of the course and the exam.
Read more