CRTP Bootcamp Review

Pre Requisites

The prerequisites for the course are as follows:

  • General knowledge about what exactly Active Directory is.
  • Basic understanding of windows command line.

The BootCamp

Live Classes

There were a total of 4 live sessions by the AD God Nikhil Mittal. Each class was supposed to be 2 hours 30 minutes long but usually lasted more than 3 hours (due to pre and post-class doubt sessions).

  • Enumeration and Local Privilege Escalation
  • Lateral Movement, Domain Privilege Escalation and Persistence
  • Domain Persistence, Dominance and Escalation to Enterprise Admins
  • Defences, Monitoring and Bypassing Defences

Labs and Assignments

The labs consisted of 22 unique objectives covering each and every aspect of the course. Further, we had weekly assignments which were directly related to the labs.
There are 2 methods to access the labs:

  • VPN based (RDP connection)
  • Web Access (through URL)

Note Taking

This is the most important part of the Bootcamp. Try to make as verbose notes as possible. Note down the mistakes as well. Understand why something does not work and the way you fixed that the issue. Sometimes you might skip things while solving the objectives, thinking that it’s easy and you will remember it in the end. In the exam, you might make a similar mistake but you will not remember the fix for it, which might create a tough situation for you!
During the Bootcamp, I made the notes as follows:

Index for my CRTP notes


The last Bootcamp session was on 30th January 2021 and I planned to take the exam on 6th February 2021. Don’t delay the exam, the sooner you give, the better. This is because you will lose your lab access and staying out of practice would be the worst thing for you.

  • Created an exam specific cheatsheet (skipping persistence and brute-force related concepts, as they are not required in the exam).
    Link to my cheat sheet:
  • setup bloodhound on my local machine.
  • created 3 separate zip files for faster tool transfer. local privesc and enumeration for forest level attacks for lateral movement attacks
  • Bought 2 Red Bull cans (in case things went out of hand).

Was the Bootcamp worth it?

Absolutely yes! It costs 300$, i.e 50$ extra than the normal videos, lab access and 1 exam attempt. The Bootcamp provided me with a channel to connect with the instructor directly over discord. Further, I found some like-minded people in the group that helped me to learn and gain a deeper understanding of AV evasions and other AD-based attacks.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store