Hi, I just got confirmation that i passed my exam 🙂

Certificate Az Red Team Professional

I think this one is by far my favorite Course/Exam of Pentester Academy. I will divide my review in two parts. First the course: Attacking and Defending Azure AD Cloud: Beginner’s Edition and then the exam: Certified Az Red Team Professional.

Attacking and Defending Azure AD Cloud Course:

I honestly think that the title is misleading, the course is not for beginers, either security specialist or azure specialist. I can imagine you can pass it without prior knowledge but I dont know how much you will actually understand 100% if you are not familiar with security concepts and with the Az console. This is not the fault of the instructor, it is simple too much to cover at a high level that if you dont know azure i feel you will be lost.

The course had 4 parts:

  1. Introduction to Azure AD:Service Discovery,Recon,Enumeration and Initial Access Attacks
  2. Authenticated Enumeration and Privilege Escalation
  3. Lateral Movement and Persistence Techniques
  4. Data Mining, Defenses, Monitoring & Auditing and Bypassing Defenses

The concepts were explained really well but the real value for me are in the labs. As all pentester academy labs i have done so far they give you a really good lab guide where you can follow everything, in top of that you get videos with lab explanations and on top of that the instructor follows a power point presentation. You also get all the tools. Everything can be downloaded (videos, presentations, lab guide, tools). –> i highly appreaciate this.

Talking about the labs, there are time constrains and you can not buy extra time. For us, we only had access to the labs for the 4 weeks of the course + 1 extra week, so please take that into consideration.

Certified Az Red Team Professional Exam review

In my opinion the exam was perfect, was not too dificult and not too easy. There was no unecessary added complexity like with other pentester academy exams (for example in this exam the flag was called flag). Most of the time i knew what I was doing and where I was going so the complexity of the exam was all Azure related. I highly appreciate that there was nothing more, pure and simple. If you know you know, if not you dont.

The exam is a 24 hours completely hands-on experience. Once started, the exam lab runs for 25 hours. You get an additional hour to compensate for the lab setup time of 10-15 minutes. It took me around 5 hours to compromise everything while writting the report.

The goal of the exam lab is to compromise all the resources and get the final flag and write a report. The exam lab has 5 Azure resources, 2 Azure AD Users and 2 Enterprise Applications which are spread across two tenants. You get access to a VM and that VM doesn’t count as a valid target.

Talking about the report. You must submit a detailed report within 48 hours of your exam lab time expiry. Ideally, you should spend about 18 hours on the lab and 6 hours on reporting. Please note that the Lab access is only for 24 hours.

The report must contain detailed walk-through of your approach to compromise a resource with screenshots, tools used and their outputs. You are free to use any tool you want but you need to explain what a particular command does and no auto-generated reports will be accepted. Unlike the practice labs, no tools will be available on the exam VM.

As a report template i used a modified version of the OSCP one. There are plenty online,  i used this one: https://github.com/whoisflynn/OSCP-Exam-Report-Template


I think this is the best option to learn Azure and Azure AD out there. The exam is fair, not super hard or super easy. If you did your labs exercises and follow the course you will pass. If not, i highly doubt it (as it should be)

Congratz to the instructor and the team that created this. I hope Pentester academy keeps creating cool courses.