Certified Red Team Operator

Intermediate 24hr practical exam Pass: Passing $399

Red team operations with Cobalt Strike — C2, beacon ops, evasion, persistence.

Official Page

IssuerAltered Security

Format24hr practical exam

Duration48 hours

Pass ScorePassing

Overview Syllabus (7) Tools (6) Cheat Sheets (1) Labs (1)

Recommended Tools

Situational Awareness BOFs Essential

BOF

Beacon Object File collection for recon

installgit clone https://github.com/trustedsec/CS-Situational-Awareness-BOF

usageinline-execute sa-bof.o

Cobalt Strike Essential

Commercial C2 framework for adversary simulation

installLicensed purchase

usageteamserver IP pass cobaltstrike.profile; connect via CS client

Havoc C2 Essential

Modern open-source C2 framework

installgit clone https://github.com/HavocFramework/Havoc && make

usage./havoc server --profile profile.yaotl; ./havoc client

Sliver Essential

FOSS C2 with mTLS/HTTP/DNS

installgo install github.com/BishopFox/sliver/client@latest

usagesliver-server; generate --http attacker

Rubeus Essential

Credentials

Kerberos toolset

installCompile from source

usageexecute-assembly Rubeus.exe kerberoast /outfile:hashes.txt

Donut Essential

Evasion

Shellcode generator from .NET/PE

installpip3 install donut-shellcode

usagedonut -f 1 -a 2 -o shellcode.bin payload.exe

ThreatCheck Essential

Evasion

Identifies AV-triggering bytes

installBuild from source

usageThreatCheck.exe -f beacon.exe -e AMSI

GoPhish Essential

Phishing

Phishing campaign platform

installDownload releases

usageConfigure sendingprofile, template, campaign

SharpHound Essential

Recon

BloodHound collector for CS

installLoad as beacon command

usageexecute-assembly SharpHound.exe -c All --zipfilename loot.zip