Hola Amigos 👋
This month I grabbed the Halloween Bundle Certifications from CyberWarFare Labs (CWL Labs) because honestly, that discount was too tempting 😁
Through this personal blog, I’ll be sharing my experience with the bundle — including notes, write-ups, reviews, and maybe some rants if things get tricky.
CWL Labs released a special promo this Halloween called the 360° Cybersecurity Bundle. Basically, it gives you access to 11 certifications for only $99. Sounds wild, right? It covers a bunch of topics like red teaming, penetration testing, and even cloud security for AWS, Azure, and GCP.
One of the highlights is the Certified Red Team Analyst (CRTA) course, which on its own usually costs more than the entire bundle. That’s what made it a no-brainer for me.
To be honest, the price was what hooked me first 😅 but after checking the list of courses, I realized it’s a solid deal for anyone trying to build multi-domain cybersecurity skills without spending a fortune. Plus, CWL Labs focuses on hands-on learning, so it’s not just theory, you actually get to play around in real labs.
Maybe.. I’ll share more about each certification in the next few posts, including my study notes, what I learned from the labs, and honest feedback from someone who’s taking the bundle right now.
If you’re curious about how CWL Labs works or just wondering if the bundle is worth the hype, stick around. I’ll tell you everything from a learner’s point of view
Only a few courses in the Halloween Bundle include hands-on labs. Most of them are theory-based, and according to CWL Labs, the following courses don’t have any labs: CEDP, CRT-ID, CELMS, CPIA, CRT-COI, CWI-RTO, C3SA, BTF, and CPTAv2 Community Edition.
If you’re looking for the practical, lab-based ones, those are mainly MCRTA (Multi-Cloud Red Team Analyst) and CRTA (Certified Red Team Analyst). These two come with real interactive labs where you can practice directly in a simulated environment.
CRTA (Certified Red Team Analyst)
This one feels like the classic red-team course. You follow videos and labs that simulate both external attacks and internal (Active Directory) stuff. It’s hands-on: you actually perform post-exploitation activities like privilege escalation and lateral movement. If you want to see “how attackers think” in a realistic lab, CRTA is where you start.
MCBTA (Multi-Cloud Blue Team Analyst)
MCBTA is the blue-team equivalent for multi-cloud. It teaches you how to defend AWS, Azure, and GCP: set up logging/monitoring (think ELK + SIEM), investigate cloud breaches, and practice real scenarios using Hive. It’s beginner-friendly and great if you prefer detecting/responding rather than attacking.
MCRTA (Multi-Cloud Red Team Analyst)
MCRTA is the offensive side of cloud: red teaming across AWS, Azure, and GCP. You learn credential setup, CLI enumeration, core cloud services, and how chained misconfigurations can be exploited. Lots of practical CTF-style labs, feels modern because it’s cloud-first.
CRT-ID (Certified Red Team – Infra Dev)
This one teaches how to build OPSEC-safe red team infrastructure. You learn to use legit cloud/on-prem services as redirectors, build payload servers, and make infrastructure that looks real. There’s also a detailed red-team case study so you can apply what you build in a realistic scenario.
K8S-RTA (Kubernetes Red Team Analyst)
K8s-RTA focuses on attacking Kubernetes clusters. If you’re curious about container security, RBAC abuse, misconfigurations, and privilege escalation inside clusters, this course gives practical attack chains and CTF-style challenges to practice on.
AD-RTS (Active Directory Red Team Specialist)
AD-RTS is about Active Directory red teaming, the classic corporate network attacks: enumeration, exploitation, privilege escalation, and abusing AD services. It’s a hands-on course with labs that mimic real enterprise environments.
BTF (Blue Team Fundamentals)
BTF is an intro to modern defense. You’ll study web, network, and host attacks, map them to defenses and SIEM searches, and learn core roles in a defender team. Good starting point if you want to learn how defenders actually think and operate.
PTF (Purple Teaming Fundamentals)
PTF sits between red and blue it’s about collaboration. You learn how red and blue teams run simulations together to improve detection and response. If you want to learn both sides and how to bridge them, this one’s useful.
C3SA (Cyber Security & SOC Analyst)
C3SA is like a beginner’s gateway into SOC and enterprise security. It covers web exploitation, network attacks, cloud basics, OS vulnerabilities, and SOC ops. It even helps you set up local labs and a small cyber range at home. Good for newbies (like me) who want a broad view.
CPIA (Process Injection Analyst)
CPIA digs deep into process injection techniques on Windows — the kind of stuff advanced attackers use. You’ll learn injection methods, telemetry analysis, and even how to build custom tooling. It’s more niche and technical, so expect low-level, hands-on work.
CRT-COI (Certified Red Team – Cloud Offensive Investigator)
CRT-COI focuses on offensive cloud ops: exploiting misconfigured cloud services and abusing identities/roles. Think of it as a step toward advanced cloud offense, practical and professional-oriented labs included.
CWI-RTO / Certified Windows Internals Red Team Operator
This one covers Windows credential internals and dumping techniques: DPAPI, WDigest, LSASS, browser/registry stores, and manual dump methods. It’s hands-on with video walkthroughs and PDFs useful if you want to understand Windows credentials at a low level.
CPTA / ADRTS (Certified Active Directory Red Team Specialist — described as CPTA/ADRTS in docs)
This course gives a 30-day challenge lab for Active Directory, including Certificate Servers, Exchange Server, and hypervisor interactions. It’s beginner-to-intermediate, with premium materials and big practical focus.. Recommended to read/watch everything first, then activate the lab.
Pros:
This bundle is actually pretty great for beginners (aka entry-level) who want to understand and get a picture of the fundamentals. Plus, it’s super affordable and covers a bunch of stuff you need to start learning the basics.
Cons:
If you’re already in the intermediate or advanced level, this might not be for you. Most of the material only goes over the basics, and only two certifications (MCRTA and CRTA) include labs — the rest are theory only. The reputation also isn’t as strong compared to names like TCM or INE. If you’re looking for something really deep and advanced, probably skip this one. When I tried MCRTA, there were a few errors I ran into, and I had to check the writeup (maybe it’s just my skill issue though, haha).
If you’re just starting out in cybersecurity, this bundle is a solid and budget-friendly way to get your hands dirty and learn the basics. But if you’re already experienced and want something more advanced or lab-heavy, you might want to look elsewhere