⚔️ Red Team Ops I

🧠 1. Certification Name and Issuing Body


🧩 2. Certification Level and Type

  • Level: Introductory to Intermediate

  • Type: Technical (hands-on, red teaming)


📜 3. Purpose and Goals

  • What skills does it certify?
    Simulating adversarial operations against enterprise Windows environments using custom C2, privilege escalation, defense bypass, and lateral movement

  • Target roles or profiles:
    Red Team Operator, Junior Adversary Simulation Analyst, Offensive Security Engineer

  • Practical applications:
    Simulating real-world threat actor behavior (post-compromise), avoiding detection, understanding tradecraft and TTPs


🎓 4. Prerequisites

  • Recommended prior certifications:
    PNPT, eJPT, or basic pentesting knowledge

  • Suggested experience:
    1–2 years in cybersecurity or pentesting

  • Required technical knowledge:
    Windows internals, PowerShell, basic C2 logic, Active Directory, privilege escalation techniques


📚 5. Content and Curriculum

  • Key domains/modules:

    1. Command & Control (C2) Framework Setup

    2. Payload Development and Execution

    3. AV and EDR Evasion Techniques

    4. Enumeration and Privilege Escalation

    5. Credential Access and Abuse

    6. Lateral Movement (e.g., PSRemoting, WMI, SMB)

    7. Kerberos Attacks (Pass-the-Ticket, Kerberoasting)

    8. Situational Awareness and Data Exfiltration

    9. Operational Security and Reporting

  • Technologies/tools:
    Covenant, Cobalt Strike (emulated), Mimikatz, PowerView, SharpHound, Rubeus, custom droppers

  • Framework mapping:
    MITRE ATT&CK (Initial Access, Discovery, Lateral Movement, Credential Access), NIST 800-115


🧪 6. Learning Approach

  • Style: 100% practical and scenario-based

  • Labs/environments: Dedicated virtual AD lab provided (browser-based)

  • Materials: Text-based course platform (Academy), GitHub payloads, downloadable tools, report templates

  • Recommended platforms: GitHub (Tiberius tools), Hack The Box (Red Team labs), TryHackMe (AD rooms)


📝 7. Exam Format and Details

  • Mode: Remote and practical

  • Duration: 7-day exam window

  • Requirements:

    • Compromise the target domain

    • Submit a professional report detailing the full attack path

  • Languages: English

  • Retake policy: One free retake included

  • Certification validity: Lifetime


💰 8. Estimated Cost

  • Training + exam access: £399 GBP (~$500 USD)

  • Retake cost: Free (one included)

  • Renewal cost: None (lifetime cert)


🌍 9. Industry Recognition

  • Demand/popularity: Growing rapidly among Red Teamers and OSCP holders looking for real AD-focused content

  • Organizations that value it: Red team consultancies, offensive security firms, pentesting boutiques, defense contractors

  • Comparison:

    • More AD-focused and stealth-oriented than PNPT

    • Less general than OSCP, but deeper on Windows post-exploitation

    • A precursor or alternative to CRTO or RTO II


💼 10. Career Opportunities

  • Job roles:
    Red Team Apprentice, Windows Exploitation Analyst, Adversary Simulation Specialist

  • Suggested paths:
    → PNPT → RTO I → CRTO / RTO II
    → OSCP → RTO I → OSEP / Red Team Labs


💵 11. Average Salary

  • UK/EU: £40,000–£65,000 / €45,000–€75,000/year

  • USA: $80,000–$110,000/year

  • Salary impact: Moderate to high if moving into specialized Red Teaming roles

  • (Sources: Reddit, PayScale, Zero-Point Security alumni)


📅 12. Renewal and Maintenance

  • Validity: Lifetime

  • Renewal: Not required

  • Updates: Course is periodically updated by Tiberius; access remains for review


🧭 13. Final Recommendations

  • Ideal for:
    Pentesters or junior red teamers looking to break into adversary emulation with a practical AD-based focus

  • When to pursue:
    After foundational pentesting certs like PNPT, eJPT, or CEH; before CRTO or OSEP

  • Tips:
    Read and test everything in the lab. Avoid relying on automated tools. Document lateral movement and credential abuse clearly in the final report.