Hi,

I had recently given the CRTA examination from Cyberwarfarelabs and I thought to write a short blog regarding my experience, learning, exam, overall hardness level of the course. The CRTA course is beginner friendly and is a very good certification for anyone who wants to enter into Red Teaming.

The CRTA course

The CRTA course is actually very very impressive for someone who’s looking to enter into the field of Red Teaming. The plus point of this course is that it doesn’t requires you to have too much knowledge into Red Teaming and will teach you almost every basic thing about Active Directory right from setting up the environment for hacking AD to performing attacks such as Kerberoasting, Silver ticket & Golden ticket. Although, this course provides almost every detail such as understanding of what a domain is, different forms of trusts and how does it works, what is an object, the working of Kerberos authentication, kerberos delegation and so on.. But the course still wants you to have knowledge on Penetration testing as it is strictly aimed onto Red Teaming. The course consists of videos which you will have to go through to understand all the basics + hacking in the AD environment. One advice which I would like to give is, take proper screenshots of how the attack works on a note keeping tool such as notion.so and also write it in your own language of what you understood about the working of the tools and make note of each and every command that’s being used into the videos.

Course Rating — Excellent

The Labs

Once you are done with the course (video materials). The next thing is to activate labs. Now keep in mind, please do not activate the labs while you are learning and studying from the videos, as it will just ruin your lab access time, which is just of 30 days and you won’t be able to make too much out of it. Hence, first complete the learning fully, then activate the 30 days lab access, so that you can focus fully onto the lab. Try solving the lab on your own without watching the videos in the course which are provided as a solution of how to approach and get into the lab AD env. to compromise the Parent Domain Controller (DC). If you have tried your full potential and seems you are stuck for very long, head on to the videos and only watch the part where you got stuck and continue the labs again without watching the full solution. Another advice, which I would like to give is solve the lab using the Linux Method using Ligolo-ng (which is provided in a written blog on the labs portal) + Also, solve it using the windows method using Proxychains. By doing so you will have multiple paths to perform a single thing so if one doesn’t work during the exam, you may try the alternate path. The lab is really fantastic and will really open up your mind in Red Teaming, also, don’t just execute commands, understand what’s happening behind the scenes and why does it works. At the end we are hacker’s not typewriters :) right ?

Lab Rating — Excellent

Lab Support

As you know, that during the lab access you are provided with support for any on going issues which you face. I personally didn’t faced too many issues, except one which the team didn’t took too much seriously resulting in a waste of 10 days of lab access. It was regarding the golden ticket attack using the Mimikatz, even after doing everything, the never worked, whereas the same attack was working fine using the Linux method by making use of impacket’s ticketer tool. They use to respond on mail that they would fix the issue, but they never fixed it, but I knew the concept so I didn’t insisted too much.

Lab Support — Fair

The 6 hours hands-on Exam — Attempt 1

While I was preparing, of a sudden I had got a mail from the cyberwarfare team that the exam pattern has been changed from 24 hrs to 6 hrs. I was really confused about the difficulty level and the changes that they might have been done as they reduced the time. I had scheduled my exam on 16th August 2025 in the morning 7:30 AM to 1:30 PM. Finally, I had reached the day when I was about the give the exam and I didn’t got enough sleep in the night out of curiosity and excitement hahaha. The exam is quite exciting and I was stuck at a phase for around 4 hr because of my own negligence and realized when my exam got over, and sadly I had failed my exam in the first attempt.

The 6 hours hands-on Exam — Attempt 2

As CRTA comes with a re-attempt, I decided to schedule the re-exam as soon as the slot was availlable, however I think there’s a 15 day lockout period on which you have to prepare yourself more as you have failed so that you can appear better in the re-attempt. I had scheduled my exam exactly after 15 days as soon as the slot was available for the same time on 31st August 2025. So, after careful analysis of what got wrong in the exam, I worked onto my skillsets and finally cleared the CRTA exam 3 hrs before the examination time.

Exam Rating — Excellent

How hard is the exam ? Lab v/s Exam

It seems like the exam is relatively easy when compared to the lab, but I would say that the exam is a bit tricky and is expecting you to think a little bit out of the box, but I can say that, nothing is out of what is taught you in the videos and labs, IT IS REALLY INTERESTING, TRUST ME!!

Should I go for CRTA ?

Ask yourself whether your interest fits in the Red Team Domain or not. If yes, do it, if no, then you need to create interest hahaha.. because Red Teaming is an essential part of Cybersecurity as most of the organizations today run on Active Directory (AD) environments. So, yeah, go for it, it’s a really good certification along with hands on certification process, unlike eJPT or CEH or any other MCQ based certification. Also, they keep putting up offers on their course, where the price for this particular certification even drops upto $9.

My achievement- https://labs.cyberwarfare.live/credential/achievement/68b3d0e66ca4d8b677610077

CRTA course enrollment — https://cyberwarfare.live/product/red-team-analyst-crta/

LinkedIn — https://www.linkedin.com/in/toufique-belim/

Thanks. Love to hear any comments.