Been quite a bit since my last post with my small pwn adventure. I did mention that I was going to take up the CRTP course right after but I guess fate had other plans.
More on that here.
Why CRTO? Link to heading
On May 2025, Zero-Point Security had migrated to a new platform, which came along with a bunch of changes including:
- Updated content for CRTO
- Unlimited lab time
- Free exam retakes
Before all this, I had already seen many reviews had high praise for this course. Without much hesitation, I went ahead and got the course for myself.
This, of course meant that I had diverted from what I had originally set out to do.
Content Link to heading
The course has a heavy emphasis on OPSEC, teaching you how certain actions you take can lead to detection by the blue team. You will also learn how to use Cobalt Strike and modify your payloads to evade AVs. There is also some content on Active Directory provided in the course.
Theory was relatively straight-forward, and whatever I searched outside of the course was to make up for my lack of foundation or to fulfil my curiosity thereof.
Almost every module comes with lab(s). This created a lot of room for practice and testing which I found quite meaningful for my own learning.
There are also challenges which come with no guidance unlike the labs, which was great as it did feel like a primer to what I could expect when I take the exam.
Exam Link to heading
Unlike the previous exam format required you to submit 6/8 flags in order to pass (at least from what I know), the new exam format requires to complete your operational objective with OPSEC considerations. This meant noisy actions can prevent you from passing.
I took 2 attempts in total, passing on my 2nd one.
For my 1st attempt, I truthfully ended the exam early after time sinking more than 20 hours on an INCREDIBLY stupid mistake that I had only discovered and managed to progress further on my 2nd attempt.
Some tips for the course Link to heading
Something I learnt was having a study buddy can benefit your learning a lot, especially asking each other questions. Big thanks to baesenseii. His blog to sum kool stuff as well.
Googling for stuff that you may not fully understand is highly encouraged to help grasp the content better. It’s alright if there are basics that you may not know or forgotten because I was like that as well.
There is also a Discord channel to share your questions that could benefit other people as well. This platform was really helpful whenever I had some queries or niches that I was looking for regarding the content.
Was it worth it? Link to heading
With the new PPP (Purchasing Power Parity) system in place, it has been made more affordable for the masses. It was about ~500 SGD for my case.
I was able to learn a lot from the CRTO course and was definitely more than satisfied. Even after completing the course, I do find myself revisiting the materials when I had some questions in mind.
Personal (random) Thoughts Link to heading
I took a total of ~3 months to fully complete the course + exam. Other than random events, it could have definitely been done in a much shorter time frame with less procrastination. When I was going through the content, this kept popping up in my head, especially since I got tested by the man himself at STANDCON 2025.
I would say this is a really meaningful course for those that might wanna have an appetiser to red teaming. With regards to exam, the course materials are more than enough to help you pass.
However, from a broader perspective, this course gives you the means and opportunities to take a step further to learn more/research on what personally interests you (maldev, reversing EDR drivers, etc).
Thanks again to Daniel Duggan/Rastamouse.