Certified Red Team Expert

Advanced Practical AD red-team lab exam + report Pass: Provider-defined objective threshold; verify late… $249

CRTE centers on Active Directory-focused red team operations and realistic enterprise attack path execution. For 2026, emphasize AD graphing, privilege path validation, and clear reporting of blast radius.

Official Page

IssuerAltered Security

FormatPractical AD red-team lab exam + report

Duration~48h practical window (indicative)

Pass ScoreProvider-defined objective threshold; verify late…

Overview Syllabus (5) Tools (7) Cheat Sheets (2) Labs (3)

Recommended Tools

BloodHound CE Essential

AD Mapping

Visualize Active Directory attack paths.

installdocker compose up -d # bloodhound stack

usagebloodhound-python -d <domain> -u <user> -p <pass> -ns <dc_ip> -c all

NetExec Essential

Enumeration

SMB/WinRM/RDP/LDAP assessment and credential checks.

installpipx install netexec

usagenetexec smb <target> -u <user> -p <pass>

Nmap Essential

Recon

Network discovery and service fingerprinting.

installsudo apt install -y nmap

usagenmap -sC -sV -Pn <target>

Rubeus/Mimikatz toolkit awareness

C2/AD

Understand credential material handling and AD abuse paths in controlled labs.

usageUse in sanctioned lab scope only

Hashcat

Credential Attacks

Password cracking for recovered hashes.

installsudo apt install -y hashcat

usagehashcat -m <mode> <hashes> <wordlist>

Metasploit Framework

Exploitation

Exploit/proof-of-concept and post modules.

installsudo apt install -y metasploit-framework

usagemsfconsole

Ligolo-ng

Tunneling/Pivoting

Userland pivoting and tunnel setup.

installgo install github.com/nicocha30/ligolo-ng/cmd/...@latest

usageligolo-proxy -selfcert