Social Media Icons
Discord YouTube LinkedIn WhatsApp

Windows Red Teaming Course
Want to know how Real Red Teamers Break Active Directory?

The Windows Red Teaming Course by Redfox Cybersecurity Academy is an advanced, hands-on red team training program focused on real-world Active Directory exploitation, Kerberos attacks, ADCS abuse, privilege escalation, and post-exploitation tradecraft.

✔️ Real attack paths
✔️ Real AD environments
✔️ Real red team Windows ops
✔️ AD & trust abuse
✔️ Lateral pivots
✔️ Privilege escalation
✔️ Credential harvesting
✔️ Post-exploit tradecraft
✔️ Professional reporting
 ⭐ 70% Labs + 30% Theory
❌ No theory padding

Duration: 24 hrs

🔴 Join the Windows Red Teaming Course
⏳ Price increases soon
🔥 Lab seats limited

View Syllabus

Windows Red Teaming Course Overview

Welcome to the Windows Red Teaming Course - one of the most comprehensive and practical red teaming courses available for security professionals serious about Active Directory exploitation. This advanced red team training program is designed to provide deep, hands-on expertise in modern Active Directory environments, covering the full attack lifecycle - from initial access and reconnaissance through to privilege escalation, persistence, and professional report writing. Whether you're exploring red team courses for the first time or looking to elevate existing offensive security skills, this program delivers real adversary tradecraft used in enterprise red team engagements.

Unlike generic red teaming training programmes built around certification theory, this course takes you into real-world attack scenarios - covering how modern red team operators gain access, abuse Kerberos, relay NTLM, exploit Active Directory Certificate Services (ADCS), and maintain stealth within enterprise Windows environments. By combining structured theory with intensive hands-on labs, this red team training course ensures you don't just understand the attacks - you execute them. The course covers core areas including:

 1. Core Active Directory concepts, trust relationships, and enumeration tactics.
 2. Poisoning and relay-based attacks - SMB Relay, LDAP Relay, WebDAV Relay, and MITM6.
 3. In-depth Kerberos authentication and attack techniques: AS-REP Roasting, Kerberoasting, delegation abuse, and domain       trust exploitation.
 4. Post-compromise and persistence techniques - Silver Ticket, Golden Ticket, and Diamond Ticket attacks.
 5. Attacking Active Directory Certificate Services (ADCS): ESC1, ESC4, ESC8, Shadow Credentials, and Pass-the-Cert.
 6. Coercion attacks - PrinterBug, PetitPotam, and WebDAV relay chains.
 7. Report writing using real-world red team engagement templates.

By the end of this red team course, you will have earned the Certified Windows Red Teamer (CWRT) - a hands-on red team certification that proves your ability to execute real-world attacks on Windows environments, not just answer multiple-choice questions.

What You’ll Be Able To Do After This Course

  • Map Active Directory attack paths without relying blindly on BloodHound - - a core skill every red team operator needs.
  • Abuse Kerberos, NTLM, and AD CS with intent, not just with tools.
  • Escalate from low-privilege user to Domain Admin in realistic enterprise environments.
  • Operate post-exploitation without triggering detection - the hallmark of genuine red teaming expertise.
  • Write professional red team reports that communicate impact clearly to technical and executive stakeholders.
  • Think and act like a red team operator, not a tool runner.

Is Windows Red Teaming Course For You?

This IS for you if:
  • You know basic pentesting
  • You want enterprise-grade red team skills, not cert theory
  • You’re tired of “try harder” labs that don’t mirror reality
This is NOT for you if:
  • You want beginner Windows or IT fundamentals
  • You’re looking for a blue-team / SOC course
  • You prefer watching videos instead of attacking systems
  • You want shortcuts without understanding tradecraft

Prerequisites

  • Basic Windows & Linux Knowledge
  • Basic Pentesting & Security Concepts
  • Basic Command Line & PowerShell Skills

Why Learn From Redfox Cybersecurity Academy

  • Offensive security professionals who actually do this work
  • Techniques taught are used in real enterprise engagements
  • No recycled YouTube content
  • No CEH-style abstraction
  • 15+ years of red teaming experience
  • Real engagements inspired labs

Windows Red Teaming Course Curriculum

Windows Red Teaming Course

85 Learning Materials

Module 1: Introduction

Course Overview

Video
00:04:59

Introduction to Red Teaming

Video
00:12:57

Fundamentals of Active Directory

Video
00:33:35

Module 2: Active Directory Components

Domain and Domain Controller

Video
00:10:29

Organizational Units

Video
00:05:19

Group Policy Objects

Video
00:15:41

Security Groups

Video
00:13:55

Trees and Forests

Video
00:09:57

Authentication Mechanism in Active Directory

Video
00:02:43

Cyber Kill Chain

Video
00:02:00

Module 3: Lab Structure and Access

Lab Structure and Access

Video
00:14:47

Module 4: NTLM Relay Attacks

NTLM Relay Attacks Overview

Video
00:02:42

NTLM Authentication

Video
00:11:25

Name Resolution Process in Windows

Video
00:10:00

LLMNR/NBT-NS/MDNS Poisoning

Video
00:25:49

SMB Relay Attack

Video
00:42:40

Cross Protocol Relay

Video
00:05:58

LDAP Relay Attack

Video
00:29:10

IPv6 DNS Takeover Attack

Video
00:48:07

Module 5: Enumeration Tactics

Enumeration Tactics Overview

Video
00:01:43

Enumeration with Command Prompt

Video
00:09:24

Powershell Basics

Video
00:09:26

Enumeration with PowerView

Video
00:20:28

Share Enumeration

Video
00:06:11

BloodHound

Video
00:18:35

Module 6: Kerberos Authentication

Kerberos Authentication Overview

Video
00:01:15

Understanding Authentication Mechanisms

Video
00:23:59

Kerberos Pre-Requisites

Video
00:20:45

Kerberos Deep Dive

Video
00:37:59

Kerberos Practical

Video
00:09:42

Module 7: Kerberos Based Attacks

Kerberos Based Attacks Overview

Video
00:00:24

User Enumeration

Video
00:09:34

Password Guessing

Video
00:04:02

AS-Rep Roasting

Video
00:16:29

Kerberoasting

Video
00:14:52

Module 8: Kerberos Delegation

Kerberos Delegation Overview

Video
00:07:23

Unconstrained Delegation

Video
00:46:25

Constrained Delegation - Kerberos Only

Video
00:18:29

Constrained Delegation - Any Authentication Protocol

Video
00:34:41

Resource Based Constrained Delegation (RBCD)

Video
00:39:14

Module 9: Abusing ACLs

ACL Fundamentals

Video
00:36:31

Abusing Generic All ACL

Video
00:08:58

Abusing Generic Write ACL (RBCD) from Linux

Video
00:46:31

Abusing Generic Write ACL (RBCD) from Windows

Video
00:22:23

Module 10: Coercion Attacks

Coercion Overview

Video
00:04:02

PrinterBug

Video
00:20:12

Petitpotam

Video
00:06:06

WebDav Relay Attack

Video
00:16:38

WebDav Relay Attack Practical

Video
00:23:45

Module 11: Post Exploitation Analysis

Post Exploitation Analysis Overview

Video
00:03:36

Taking POC

Video
00:06:56

DCSynck Attack

Video
00:14:36

Credential Dumping and Password Analysis

Video
00:08:17

Module 12: Persistence Techniques

Persistence Overview

Video
00:03:15

Silver Ticket

Video
00:22:38

Golden Ticket

Video
00:20:46

Diamond Ticket

Video
00:14:31

Module 13: Active Directory Certificate Services (ADCS)

ADCS Overview

Video
00:20:11

Certificate Signing Request

Video
00:26:06

Enumeration

Video
00:12:30

ESC1 - Misconfigured Certificate Template

Video
00:21:46

ESC4 - Misconfigured Certificate Template Access Control

Video
00:30:12

ESC8 - Misconfigured Certificate Authority

Video
00:29:13

Module 14: Pass the Cert

Pass the Cert Overview

Video
00:12:27

Pass the Cert in Action

Video
00:38:15

Module 15: Shadow Credentials

Shadow Credentials Attack Overview

Video
00:21:12

Abusing msDs-KeyCredentialLink

Video
00:35:09

Un-Pac the Hash Attack

Video
00:19:27

WebDav Relay Attack (Shadow Credentials)

Video
00:31:25

Module 16: Abusing Domain Trusts

Overview

Video
00:09:59

Kerberos across Trust Boundaries

Video
00:11:30

Abusing Domain Trusts

Video
00:33:33

Module 17: Case Study & Statistics

Case Study & Statistics from 100 Engagements

Video
00:15:19

Module 18: Report Writing

Writing Exploitation

Video
00:29:10

Writing Information Gathering

Video
00:29:35

Writing Proof Of Concept

Video
00:06:56

Writing Domain Persistence

Video
00:09:13

Writing Post Exploitation

Video
00:08:26

Writing Executive Summary and ROE

Video
00:13:27

Finalizing the Report

Video
00:25:17

Writing Finding

Video
00:08:26

Module 19: CWRT Exam and What Next?

CWRT Exam

Video
00:02:24

What Next?

Video
00:03:41

Module 20: Course Resources

Windows Red Teaming PPT

PPT

Windows Red Teaming Report

DOC

This course is designed to be uncomfortable... 

because real red teaming is.

You won’t watch attacks - you’ll execute them
 You won’t follow scripts - you’ll chain attack paths
 You won’t be given answers - you’ll earn access

Windows Red Teaming Lab Structure

Windows Red Teaming Course Lab Structure

Windows Red Teaming Course Instructor

Windows Red Teaming Course Instructor

Shashi Kant Prasad

Principal Security Consultant
Shashi Kant Prasad is a skilled red teamer at Redfox Security with expertise in Web, Cloud, Hardware, DevOps, and Red Teaming. He also trains peers at top security conferences.

Testimonials
AN
January 6
The Windows Red Teaming Course by Redfox Cybersecurity Academy completely changed how I approach Active Directory security. The hands-on labs covering Kerberoasting, DCSync attacks, and Golden Ticket creation were highly practical and realistic. Performing lateral movement and privilege escalation in live environments built real confidence. This course significantly accelerated my professional growth. 
Read more
SN
This course is deeply technical and fully hands-on. Practicing NTLM relay attacks, BloodHound enumeration, and credential dumping in structured lab scenarios helped me truly understand adversary tradecraft. The focus on chaining attacks across Windows domains was extremely valuable. After completing the course, I felt far more prepared for advanced red team engagements. 
Read more
DB
January 7
What stands out in the Windows Red Teaming Course by Redfox Cybersecurity Academy is the realism of the labs. From domain enumeration to DCShadow and advanced persistence mechanisms, everything is executed practically. Learning how to abuse Kerberos and maintain stealth inside a domain environment gave me a strong technical edge. The skills I gained directly contributed to my career advancement. 
Read more
RK
October 27, 2025
The practical learning approach in this course is unmatched. I spent most of the time performing DCSync attacks, SPN exploitation, process injection, and Defender evasion techniques. Instead of just learning tools, I learned methodology. This course gave me the confidence to handle complex internal assessments and strengthened my professional profile. 
Read more
Michael Carter
December 1, 2025
The Windows Red Teaming Course by Redfox Cybersecurity Academy provides serious depth into Active Directory exploitation. The structured modules on lateral movement, privilege escalation, and post-exploitation persistence were reinforced with hands-on lab exercises. Completing this program helped me transition into more advanced and challenging security roles. 
Read more
TS
October 28, 2025
From Kerberoasting chains to NTLM relay exploitation and BloodHound path analysis, every module in this course is practical and execution-focused. The lab-driven format ensures that concepts are not just understood but applied. This training significantly enhanced my technical expertise and gave me a clear advantage in my career progression. 
Read more
Panel only seen by widget owner
Edit widget
Views
0%
Extend Limit

Certified Windows Red Teamer (CWRT)

Earn the Certified Windows Red Teamer (CWRT) certification to validate your expertise in Active Directory exploitation, red teaming tactics, and security bypass techniques. This certification proves your ability to conduct real-world attacks on Windows environments, making you a valuable asset in cybersecurity. Gain hands-on experience through labs and instructor-led training, preparing for roles like red team operator or penetration tester. Participants will receive a CWRT certificate upon completing the course and passing the CWRT practical exam.

Windows Red Teaming Certification CWRT

Key Takeaways

  • Life time access to course and resources
  • 30 days of free lab access
  • Private Discord community access for direct support and networking.
  • One attempt at the Certified Windows Red Teamer Exam (CWRT)
  • Develop strategies for maintaining persistence in compromised environments
  • A professionally structured report template is provided for use in real-world engagements
Frequently Asked Questions
How long do I have access to the course materials?
All courses at Redfox Cybersecurity Academy are self-paced, and you will have lifetime access to all course materials, including video lectures, downloadable resources, and recorded sessions. You can learn at your own pace and revisit the content anytime. 
How long do I have access to the lab environment?
Each course includes 30 days of lab access from the date of enrollment. This provides hands-on practice in a real-world simulation environment. If you need additional time, lab access can be extended on a paid basis by contacting training@redfoxsec.com 
Is an exam included with the course?
Yes, all courses include one exam attempt to earn your certification. The exam tests your understanding of the course material and hands-on skills developed during the labs. Please note: the exam must be taken or attempted within 90 days from the course purchase date.
What happens if I don't pass the exam on my first attempt?
If you do not pass on your first attempt, you can request an exam reattempt for $99. To schedule a reattempt, please contact training@redfoxsec.com. We recommend reviewing the course materials and practicing in the labs before reattempting the exam.
Will I receive a certificate after completing the course?
Yes! Upon successfully passing the exam, you will receive an industry-recognized certification from Redfox Cybersecurity Academy. Each course has its own specific certification (e.g., CWAPT, CJWPT, CJEH, CWEP, CAAPT) that validates your expertise in that domain. 
Do I need any prior experience to enroll in a course?
Prerequisites vary by course. Some courses are designed for beginners and require no prior experience, while advanced courses may assume basic knowledge of cybersecurity concepts or specific technologies. Please check the course description for specific prerequisites. If you're unsure, feel free to contact us at training@redfoxsec.com for guidance on which course is right for you. 
Are hands-on labs included in all courses?
Absolutely! Every course at Redfox Cybersecurity Academy includes practical, hands-on labs designed to reinforce theoretical concepts and prepare you for real-world scenarios. These labs are accessible for 30 days from enrollment and provide a safe, controlled environment for practicing your skills. 
How long does it take to complete a course?
All courses are self-paced, so the completion time depends on your schedule and commitment. On average, students complete courses in 4-6 weeks when dedicating a few hours per week. However, with lifetime access to course materials, you can take as much time as you need to thoroughly understand the content. 
Can I get support if I have questions during the course?
Yes, we provide dedicated support for all our learners. If you have questions about course content, lab access, certification, or any other concerns, you can reach out to our team at training@redfoxsec.com. We're committed to helping you succeed throughout your learning journey. 
What makes Redfox Cybersecurity Academy courses unique?
Our courses are designed by industry professionals with real-world experience in cybersecurity. We focus on practical, hands-on learning with comprehensive lab environments that simulate actual attack scenarios. Combined with lifetime course access, industry-recognized certifications, and dedicated support, Redfox Cybersecurity Academy provides a complete learning experience to help you build a successful career in cybersecurity. 
What is a red team course and how is this different from a pentesting course?
A red team course trains you to think and operate like an adversary - going beyond individual vulnerability exploitation to simulate full attack campaigns against enterprise environments. This Windows Red Teaming Course goes deeper than standard pentesting programs by covering adversary tradecraft, stealth operations, and chained attack paths across Active Directory, which are all defining elements of real red teaming. It is one of the most practical red teaming courses available, with 70% of time spent in live labs. 

No search results found

Panel only seen by widget owner
Edit widget
Views
0%
Extend Limit

Ready to Master the Art of Pentesting?

Choose our pentesting courses for:

Affordable Price

Unlock your potential with affordable upskilling! Our unbeatable course prices are your chance to level up without breaking the bank. 

Lifetime Access

Acquire lifetime access to our resources when you buy our courses. Gain knowledge today and unlock a lifetime of learning. 

Certificate of Completion

Upon completing our course, you'll receive a certificate of completion to showcase your new skills. Add it to your resume or LinkedIn profile.

Hands-On Experience

Get hands-on experience with real-world scenarios and challenges, giving you practical skills that you can apply immediately in your career. 

Expert Instructors

Learn from industry experts with years of experience in pentesting, who are passionate about sharing their knowledge and helping you succeed. 

Flexible Learning

Whether you're a beginner or an experienced professional, our courses are designed to meet you where you are and help you reach your goals. 

Get in Touch

Have a question, need assistance, or want to collaborate? We’re here to help!

Whether you're looking for cutting-edge cybersecurity solutions or expert training or want to learn more about our services, contact us today.

+91