Certified Active Directory Pentesting Expert (HTB CAPE)
HTB Certified Defensive Security Analyst (HTB CDSA) is a highly hands-on certification that assesses the candidates’ security analysis, SOC operations, and incident handling skills. HTB Certified Defensive Security Analyst (HTB CDSA) certification holders will possess technical competency in the security analysis, SOC operations, and incident handling domains at an intermediate level.
Training at a glance
Level
Advanced
Duration
eLearning
Experience
1 year: Penetration Tester
Average Salary
$120,000
Labs
Yes
Level
Intermediate
Duration
eLearning
Experience
1 year: Penetration Tester
Average Salary
$119,122
Labs
Yes
Training Details
The HTB Certified Active Directory Pentesting Expert (HTB CAPE) is a highly hands-on certification assessing candidates' skills in identifying and exploiting advanced Active Directory (AD) vulnerabilities. HTB CAPE certification holders will possess technical competency in AD and Windows penetration testing, understanding complex attack paths, and employing advanced techniques to exploit them. HTB CAPE certification holders will demonstrate proficiency in executing sophisticated attacks abusing different authentication protocols such as Kerberos and NTLM and abusing misconfigurations within AD components and standard applications in AD environments such as Active Directory Certificate Services (ADCS), Windows Update Server Services (WSUS), Exchange, and Domain Trusts. Furthermore, they will be adept at leveraging specialized tools to exploit AD from Linux and Windows and utilizing Command and Control (C2) frameworks for post-exploitation operations. They will also be able to conduct internal penetration tests professionally against modern AD environments.
The HTB CAPE certification represents the next step in advancing in AD pentesting beyond the HTB Certified Penetration Testing Specialist (HTB CPTS) certification.
Module 1: Active Directory Enumeration & Attacks
- Active Directory LDAP
- Active Directory PowerView
- Active Directory BloodHound
Module 2: Windows Lateral Movement
Using CrackMapExec
Module 3: Kerberos Attacks
DACL Attacks I
DACL Attacks II
NTLM Relay Attacks
ADCS Attacks
Active Directory Trust Attacks
Module 4: Post-Exploitation and Evasion
Intro to C2 Operations with Sliver
Introduction to Windows Evasion Techniques
MSSQL, Exchange, and SCCM Attacks
Senior Penetration Testers
Windows & Active Directory Penetration Testers
Red Team Operators
Active Directory Security Specialists
System Administrators
Cybersecurity Consultants
Security Analysts
The following is a list of prerequisites for a successful outcome:
Interpreting a letter of engagement
Advanced knowledge of Active Directory infrastructure and security concepts
Knowledge around Windows and Active Directory and their functionality
Understanding Active Directory authentication protocols (Kerberos, NTLM, LDAP, Certificate based-authentication, etc.)
Familiarity with common and advanced Active Directory attacks and exploitation techniques
Proficiency in navigating complex AD structures and understanding AD permissions and policies
Ability to detect and exploit misconfigurations in Active Directory environments
Knowledge of bypass techniques to circumvent various security measures in Windows environments
Capability to recommend and implement security hardening measures for AD
Professionally communicating and reporting vulnerabilities
Upcoming Classes
We Offer More Than Just Hack the Box Training
Our successful training results keep our corporate and military clients returning. That’s because we provide everything you need to succeed. This is true for all of our courses.
Strategic Planning & Project Management
From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.
IT & Cybersecurity
ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.
Leadership & Management
Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.
