Certified Red Team Master

Expert Advanced practical red-team exam + report Pass: Provider-defined objective threshold; verify late… $399

CRTM extends red-team depth into advanced AD trust abuse, evasion, and multi-domain operations. For 2026, candidates should train on complex enterprise pathing and reproducible attack narratives.

Official Page

IssuerAltered Security

FormatAdvanced practical red-team exam + report

Duration~48h practical window (indicative)

Pass ScoreProvider-defined objective threshold; verify late…

Overview Syllabus (5) Tools (7) Cheat Sheets (2) Labs (3)

Recommended Tools

BloodHound CE Essential

AD Mapping

Visualize Active Directory attack paths.

installdocker compose up -d # bloodhound stack

usagebloodhound-python -d <domain> -u <user> -p <pass> -ns <dc_ip> -c all

NetExec Essential

Enumeration

SMB/WinRM/RDP/LDAP assessment and credential checks.

installpipx install netexec

usagenetexec smb <target> -u <user> -p <pass>

Nmap Essential

Recon

Network discovery and service fingerprinting.

installsudo apt install -y nmap

usagenmap -sC -sV -Pn <target>

Rubeus/Mimikatz toolkit awareness

C2/AD

Understand credential material handling and AD abuse paths in controlled labs.

usageUse in sanctioned lab scope only

Hashcat

Credential Attacks

Password cracking for recovered hashes.

installsudo apt install -y hashcat

usagehashcat -m <mode> <hashes> <wordlist>

Metasploit Framework

Exploitation

Exploit/proof-of-concept and post modules.

installsudo apt install -y metasploit-framework

usagemsfconsole

Ligolo-ng

Tunneling/Pivoting

Userland pivoting and tunnel setup.

installgo install github.com/nicocha30/ligolo-ng/cmd/...@latest

usageligolo-proxy -selfcert