Introducing TryHackMe’s Red Team Capstone Challenge Network, the milestone challenge for offensive security professionals and users that have completed our Red Team Learning Path.
By simulating what you would typically find in a real client engagement, your team can apply their knowledge and put their skills to the test.
As the largest and most comprehensive network created by TryHackMe, there are 20 flags to collect, spread across 10 different phases!
What is the Red Team Capstone Challenge?
TryHackMe’s Red Team Capstone Challenge is a real end-to-end red team engagement, testing your team’s knowledge of key red teaming and network security testing topics!
The Government of Trimento (a fictitious island country situated somewhere in the Pacific) approached TryHackMe to perform this engagement against TheReserve, their reserve bank. While TheReserve may be small in size, foreign investment has led to TheReserve building up a considerable amount of wealth over the years.
The Red Team Capstone Challenge Network tests users to perform a simulated backend bank transfer, touching on all phases of the Cyber Kill Chain. Along the way, users will need to register as a citizen of Trimento and use the system to provide feedback to the government on their progress.
The Government of Trimento will reward users with flags as they further the compromise of TheReserve. The most unique aspect of the challenge is there is no single attack path! Multiple attack paths have been created to allow users to choose their own path, with 6912 possible path combinations. This means that even after the challenge is completed once, there’ll still be lots more for your team to discover as they find alternative attack paths!
The network consists of 14 hosts in total, with 3 AD domains, and 5 different network trust zones.
What does the Red Team Capstone Challenge cover?
The Capstone Challenge Network tests the knowledge gained from various modules and rooms in the Red Teaming learning path to perform an end-to-end red team project.
Your team will be challenged with the following learning objectives:
OSINT
Open Source Intelligence (OSINT) is simulated in this challenge. Users are expected to use OSINT techniques to uncover information about employees of TheReserve to target them and their accounts.
Enumeration & Fuzzing
During various phases in the challenge, users must perform enumeration to discover hosts and services in the environment. These services then have to be fuzzed to discover vulnerabilities and misconfigurations that can be exploited.
Phishing
Phishing is a very common practice to perform during red team engagements. Should users choose this path for breaching the perimeter, users can phish employees to gain an initial foothold.
Anti-Virus Evasion
AV is used on all machines in the environment. Users are expected to modify and obfuscate their malware to evade AV detection.
Lateral Movement
Certain parts of the network in the challenge are segregated, as is often the case during real-life engagements. Users are expected to perform lateral movement and pivoting in these cases to achieve their final goal.
Active Directory Exploitation
90% of the Forbes 1000 companies make use of Active Directory. If an organisation’s estate uses Microsoft Windows, you are almost guaranteed to find AD. Throughout the challenge, users are expected to fully compromise several AD domains to obtain the required privileges for goal execution.
Linux and Windows Security Testing
The challenge has a combination of Windows and Linux hosts. To reach the end goal, users will have to discover misconfigurations on these hosts and exploit them. This will require skills such as local host enumeration.
Privilege Escalation
In several phases of the challenge, users will be required to escalate their privileges. This will include both local privilege escalation as well as AD privilege escalation through different tiers.
Post-Compromise Exploitation
The capstone challenge has an end goal, requiring users to perform a simulated fraudulent transaction. Users will have to perform post-compromise enumeration and exploitation to discover the information required to perform the end goal.
Who is the Red Team Capstone Network intended for?
Due to the size of the challenge, the Red Team Capstone Challenge is intended for testing the knowledge of key red teaming and network security topics and is ideal for professionals working in offensive security environments. While not a strict requirement, completing the Red Team Learning Path is recommended as your team will be tested on the topics covered in the path!
TryHackMe for Business
The best way to defend against attacks is to adopt a proactive approach with realistic simulations and continuous offensive security training and upskilling. Red team exercises aim to avoid real-world instances of cyber attacks by taking an attacker-like approach when testing security.
TryHackMe consists of over 850 real-world training labs to teach these topics in action, arming your team with the knowledge needed for red, blue, and purple team engagements.
Haven’t launched our Red Teaming learning path yet? Our Red Team training goes above and beyond penetration testing. Your team will learn to conduct successful Red Team engagements and challenge the defence capability of the businesses, ready for your blue team to action.
Launch our Red Teaming learning path to learn how to execute adversary attack emulations as a Red Team Operator.
Launch the Challenge Network
Launch our new Red Team Capstone Network now to test your team and enable them to apply their knowledge and skills!
Ben Spring