• 708.689.0131
  • Contact us
  • Login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Product overview
  • Infosec IQ logo Security awareness & culture
  • Infosec Skills logo On-demand training & cyber ranges
  • Infosec Skills Live Boot Camps logo On-demand training & cyber ranges
  • Infosec IQ overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Integrations & automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Infosec Skills overview
  • Role-guided training
  • Infosec Skills Teams
  • Cyber ranges & labs
  • Certifications & CPEs
  • Skill assessments
  • Browse all training
  • Pricing & features
  • Book a meeting
  • Live boot camps
  • Infosec Institute certifications
  • DoD 8570 certifications
  • Get team boot camp pricing
  • View boot camp schedule
  • Book a meeting
  • Pre-built training plans
  • Compliance, industry & role-based training
  • Custom education
  • Personalized learning
  • Languages
  • Gamified learning
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Dashboard reports
  • Security culture survey
  • Assessments
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • 52 NICE Work Roles
  • SOC Analyst
  • Cloud Security Engineer
  • Security Manager
  • ICS Security Practitioner
  • Security Engineer
  • Penetration Tester
  • Digital Forensics Analyst
  • Information Risk Analyst
  • Security Architect
  • Secure Coder
  • Boot camp overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play

On-demand training for every cybersecurity role

Download Catalog

Certification training from industry experts

Get Pricing
  • Solutions overview
  • By organization type
  • By need
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2021 IT & Security Talent Pipeline Study

    Download Now
    • Cyber Work
    • Webcasts
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Cyber Work Podcast

      New cybersecurity career conversations every week

      Listen Now
      • About us
      • Events & webcasts
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Infosec Gives Partner Program
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • Industry alliances
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join a team dedicated to making a difference.

        Get To Know Us

        Red Team Operations Training Boot Camp

        Do good by being bad in this exclusive Red Team Operations training designed to teach you to think like a cybercriminal, help you better defend your organization, and prepare you for the Certified Red Team Operations Professional exam.

        ★★★★★
        4.6
        (158 ratings)
        View Pricing Book a Boot Camp
        red-team-operations

        Earn your CRTOP, guaranteed!

        • Five days of expert, live Red Team Operations training
        • Exam Pass Guarantee
        • Exam voucher
        • 100% Satisfaction Guarantee
        • Unlimited practice exam attempts
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Onsite proctoring of exam
        • Pre-study learning path
        • Knowledge Transfer Guarantee

        Hands-on labs

        Our practical exercises are designed to make you feel like a part of a real red team operation. Find and exploit network vulnerabilities in our intuitive virtualized environment configured with popular hacking tools. Learn how to bypass physical controls with a professional-grade lockpick demonstration. Hone your social engineering skills by crafting convincing phishing emails and running a real phishing campaign against your classmates, friends or family members using an industry-leading phishing simulator.

        Certification details

        The Certified Red Team Operations (CRTOP) body of knowledge consists of seven domains covering the responsibilities of a red team member. The certification exam is a 50-question, traditional multiple-choice test. Questions are randomly pulled from a master list and must be completed in two hours. The seven CRTOP domains are:

        • Red team roles and responsibilities
        • Red team assessment methodology
        • Physical reconnaissance tools and techniques
        • Digital reconnaissance tools and techniques
        • Vulnerability identification and mapping
        • Social engineering
        • Red team assessment reporting

        70% is the passing score for the CRTOP exam.

        View full course schedule

        Training overview

        “Know your enemy, and know yourself.” Sun Tzu’s most famous advice from The Art of War still applies in the 21st century, and on the digital battlefield, knowing your enemy is more important than ever. So put on your black hat and get ready for Infosec’s groundbreaking Red Team Operations Boot Camp!

        In our exclusive Red Team Operations Boot Camp, you’ll learn to defend against hacking and fraud attacks on your organization — from network vulnerabilities to social-engineering tactics. And you’ll learn from the attacking side! Our experienced instructors will lead you through the basics of multiple cybercrime assaults and show you how you can use these techniques to improve security at your own organization.

        What you'll learn

        After completing the course you will gain sufficient knowledge and skills to be able to:

        • Thoroughly understand and apply a variety of passive and active intelligence-gathering techniques
        • Discover and leverage vulnerabilities in physical and network infrastructure
        • Select and effectively use social engineering techniques, from phishing to phone to face-to-face
        • Gain entry into a target location using various covert and overt methods
        • Test and evade all types of security control types: logical, physical and administrative
        • Perform a comprehensive red team operation penetration test, from reconnaissance to establishing a foothold and maintaining a covert presence

        Who should attend

        • Red team members and offensive security specialists
        • Penetration testers, security researchers and ethical hackers
        • Incident responders
        • CISOs and security managers
        • Security and networks architects, engineers and administrators
        • Any professionals whose responsibilities include physical and information security

        Prerequisites

        • Understanding of fundamental information security concepts
        • Professional exposure to penetration testing methodologies and tools
        • Basic understanding of networking concepts
        • Firm understanding of the Windows Operating System
        • Exposure to the Linux Operating System or other Unix-based OS
        • Desire to learn about pentesting and red teaming, stay ethical and get great security training!

        Everything you need to earn your CRTOP

        • Five days of expert, live Red Team Operations training
        • Exam Pass Guarantee
        • Exam voucher
        • 100% Satisfaction Guarantee
        • Unlimited practice exam attempts
        • Free annual Infosec Skills subscription ($299 value!)
        • 1-year access to all boot camp video replays and materials
        • Onsite proctoring of exam
        • Pre-study learning path
        • Knowledge Transfer Guarantee
        Everything you need to earn your CRTOP
        View Pricing

        Exam Pass Guarantee

        We guarantee you’ll pass your exam on the first attempt. Learn more. 

        CRTOP training schedule

        Infosec’s CRTOP training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth CRTOP prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Day 1

            Introduction to red team operations

            • Course introduction
            • Types of security assessments
            • What is red teaming?
            • Role of red team in organizational security programs
            • Red team vs. blue team
            • Red team assessment phases
            • Red teaming methodology
            • Planning red team operations

            Red team assessment phases: setting objectives

            • Defining assessment methodology and objectives
            • Identifying points of contact
            • Analyzing initial information
            • Gathering team and equipment

            Day 2

            Red team assessment phases: reconnaissance

            • Passive intelligence gathering and OSINT
            • Physical recon
            • Getting started with social engineering
            • Social engineering tactics
            • Pretexting
            • Phishing, vishing, smishing
            • Physical and digital surveillance
            • Wireless recon
            • DNS and SNMP recon
            • Identifying possible attack vectors

            Red team assessment phases: target identification

            • Identifying physical controls and vulnerabilities
            • Passive network discovery and scanning
            • TCP scanning
            • Scanning through firewalls
            • Stealthy scanning techniques
            • Idle scanning
            • Avoiding IDS/IPS detection
            • Proper identification of services
            • Vulnerability identification
            • Types of network and application vulnerabilities

            Day 3

            Red team assessment phases: gaining access

            • Covert and overt entry
            • Evading surveillance and physical IDS
            • Lock picking
            • RFID cloning
            • Using social engineering to gain entry
            • Vulnerability mapping
            • Types of exploits
            • Client-side exploits
            • Password attacks
            • Exploiting flaws in encryption
            • Attacking web application
            • Wireless hacking

            Red team assessment phases: establishing foothold and maintaining presence

            • Avoiding anti-virus detection
            • Use of Trojans
            • Hardware and software keyloggers
            • Installing rogue access points and network TAPs
            • Port redirection and other anti-firewall techniques
            • IDS operations and avoidance
            • Internal recon and pivoting
            • Encrypting your communications
            • Protocol abuse for covert communications
            • Creating custom encryption tunneling application

            Day 4

            Red team assessment phases: completing objectives

            • Identifying and extracting target data
            • SQL data extraction
            • Sniffing network traffic
            • Exploiting targets of opportunity
            • Anti-forensics
            • Log modification/deletion
            • Rootkits
            • Communication and evidence management

            Red team assessment phases: reporting

            • Report structure and content
            • Reporting for compliance
            • Providing recommendations
            • Presenting your findings

            Day 5

            Additional red team operations resources

            • Red team operations best practices
            • Commercial and open-source tools
            • The future of red team operations

            CRTOP exam

        • After your boot camp
          • Your boot camp includes a 1-year subscription to Infosec Skills, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Free CRTOP training resources

        Getting started in red teaming and offensive security

        Get insight into what it takes to be a successful Red Team member in this chat with Curtis Brazzell, managing security consultant at Pondurance.

        Listen Now

        Red team hacking in the age of COVID-19

        Dive back into the world of Red Team operations with today's guest, John Cartrett of the SpiderLabs team at Trustwave. He leads clandestine-style operations in simulated attacks on organizations to help them find their least expected and most dangerous vulnerability points and tighten them up. Despite being a newly hot practice that a lot of people are just getting into, John has been red teaming for five years, with another thirteen years before that of IT experience and other forms of offensive testing.

        Listeners are always asking how to get started in red teaming and what they need to know to get on that ladder, so we'll be talking about career strategies and skill sets — but I also want to know whether anything has changed or will now change in the light of the current global COVID-19 pandemic. With red team staffs currently scattered and isolating at home and the economy suffering, will this change the nature of red teaming now or in the years to come?

        John is a Principal Consultant and the Red Team lead for the SpiderLabs team at Trustwave. His responsibilities mainly include managing all red team services in the Americas from start to finish, as well as being a subject matter expert on red team services globally. He has eighteen years of information technology experience and ten years of offensive testing experience with the last five years focused on clandestine-style Red Teaming. He has directed and executed close to one hundred full-scope red team operations for organizations of all sizes and geographic locations. He has obtained many certifications from organizations such as Microsoft,Cisco, GIAC and Offensive Security, as well as attended thousands of hours of skills-based training.

        Listen Now

        What’s it like to be a high-end Red Team member?

        David "Moose" Wolpoff, co-founder and CTO of Randori, a nation-state caliber attack platform, chats with Chris Sienko about a day in the life of a high-end Red Team Operations professional.

        Listen Now

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        Sign up

        Enroll in a boot camp

          See additional dates
          Infosec logo

          Products

          Infosec IQ Security awareness, culture & phishing simulator Infosec Skills Hands-on skill development & boot camps

          Resources

          Cyber Work Blog Infosec Inspire Events & webcasts

          Company

          Contact us About Infosec Careers Newsroom Partners
          • ©2022 Infosec Institute, Inc.
            • Trademarks
            • Privacy Policy

          Infosec, part of Cengage Group

          We use cookies to personalize your experience and optimize site functionality. Accept Cookie settings
          Privacy & Cookies Policy

          Infosec cookie notice

          We use cookies to help understand your needs, optimize website functionality and give you the best experience possible. Use this policy to understand how, when and where cookies are stored on your device. 

          Want to know more? Contact [email protected].
          Necessary
          Always Enabled
          This type of cookie helps keep our website functioning. They provide access to account-based features and other secure areas of our site, and do not store information about you that could be used for marketing. This category of cookies cannot be disabled.
          Analytics
          Google Analytics cookies help us understand how visitors use our site. All data collected from Google Analytics is anonymized (including your IP address) and stored by Google on U.S. servers.
          Marketing
          We use this type of cookie to optimize our marketing campaigns. Marketing cookies are delivered by our database when you visit our site, complete a form or open email from us. Information stored in this cookie includes personal information like your name and what pages you view on our site.
          Save & Accept