Musubi

12 August 2024

by yunaranyancat

It has been a year since my last update on the blog.

Been caught up with work and other things.

Last month, I went to the SANS Pen Test Hackfest Europe Summit & Training in Amsterdam.

There are multitudes of courses offered and one of them is the GIAC Red Team Professional, GRTP.

GRTP

GRTP is a 6-day course that teaches you about the fundamentals of conducting a red team exercise, mainly performing adversary emulation.

During the first two days, there is a lot of theory rather than practical exercises; this is to set a common ground, especially for the terms that will be used throughout the course.

From the third day onwards, you will be exposed to hands-on practical red teaming exercises, from performing reconnaissance to AD attacks, lateral movement and more.

The course concludes on the fifth day, which explains how to perform closure on the red teaming engagement, how to reveal your activities, lessons learned, how to replay specific TTPs and how to present a good report.

On the 6th day, there will be a CTF that will test all the knowledge you have learned since the first day. There is no need to overthink (which I did, taking into consideration all of the Offsec courses and exams that I have endured all along); as long as you follow the course from start to end, you can nail the CTF (which I didn’t).

It was quite fun, and since it was my first SANS-style CTF, I felt I did my best and I now know what can be improved for my future SANS courses (idk, if there’s any).

THE EXAM!

I won’t go into detail about the exam, but as long as you understand everything the course covers, you’ll nail it—just like I did (hell yea!).

Tips and Tricks

  1. There aren’t many tips here—just follow the course step by step, and your GRTP journey will be spectacular!

  2. Make sure to have enough caffeine so you don’t get sleepy (I think it might have been due to jet lag and the time zone shifts), especially during the first two days of the course.

  3. This is your chance to experiment with commercial C2 frameworks (if you haven’t before). Personally, I had experience using Cobalt Strike as the C2, so I decided to explore Empire + Starkiller, which I found to be very rewarding. I learned a lot about the Empire C2.

  4. If you’ve taken Red Team courses before (like I have), this might be a refresher for you. However, the instructor (Jean Francois Maes) explained everything in a way that strengthened my fundamentals. It felt like I discovered things I had missed before. Learning is fun, LOL.

End

Thank you for taking the time to read this review. There’s not much more to share—just enjoy the course, ask the instructor anything you need to know, and keep learning!
