Certified Azure Red Team Professional

Advanced Practical Azure/Azure AD attack-path exam + report Pass: Provider-defined objective threshold; verify late… $249

CARTP emphasizes practical Azure/Azure AD offensive security with identity-centric attack chains. For 2026, prioritize Entra ID attack primitives, token abuse, and tenant-level impact articulation.

Official Page

IssuerAltered Security

FormatPractical Azure/Azure AD attack-path exam + report

Duration~24h practical window (indicative)

Pass ScoreProvider-defined objective threshold; verify late…

Overview Syllabus (5) Tools (6) Cheat Sheets (2) Labs (3)

Recommended Tools

ROADtools Essential

AAD

Azure AD enumeration and token research toolkit.

installpipx install roadrecon

usageroadrecon gather

Pacu Essential

AWS

AWS exploitation framework for IAM/data-plane testing.

installpipx install pacu

usagepacu

ScoutSuite

AWS

Multi-cloud security posture baseline and misconfiguration review.

installpipx install scoutsuite

usagescout aws

Azure CLI Essential

Azure

Tenant/resource enumeration and token-context validation.

installcurl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash

usageaz account show

Rubeus/Mimikatz toolkit awareness

C2/AD

Understand credential material handling and AD abuse paths in controlled labs.

usageUse in sanctioned lab scope only

Trivy

Containers

Container/image/config scanning for cloud attack surface.

installsudo apt install -y trivy

usagetrivy image <image>

kube-hunter

K8s/Cloud

Kubernetes exposure checks in cloud estates.

installpipx install kube-hunter

usagekube-hunter --remote <ip>