Red Teaming Operations (RTO)

From gaining physical access to digitally exploiting systems without being noticed.

Hacking is not exclusive to cyberspace, but can also be done in the physical world. How are these attacks performed? From gaining physical access to digitally exploiting systems without being noticed once you are in.

12 - 16 March 2018 | 25 - 29 June 2018 | Amsterdam | 12 - 16 November 2018

Course objectives

Tactical Network Exploitation

What happens once an attacker gains an initial foothold into your organisation? During the additional two days of training, we will focus on tactical network exploitation techniques. You will learn about lateral movement within a corporate network, privilege escalation, pivoting techniques, tunnelling and detection avoidance. You will practise everything on a simulated corporate network, which contains everything you might expect in a real corporate network.

Target group

  • Security managers
  • Application developers
  • IT professionals
  • IT auditors with interest in vulnerability assessment and hacking

A condition for participation in covert ops is that participants allready followed Hacklab : hands on hacking.

If you are interested in this course please send an e-mail to nlacademy@deloitte.nl. Due to the nature of the information that is used during this course, it is not open to all applicants. Please send your request via e-mail address above, and you will be informed accordingly.

Course outline

Day 1

  • Introduction to covert operations, backgrounds & trends
  • Legal background of covert operations & planning the engagement
  • Social engineering introduction & gaining physical entry
  • Hands-on: role play/assignment

Day 2

  • Recap & Offensive hacking
  • Exploitation theory
  • Capture the Flag (CTF) challenge
  • Hands-on: Reconnaissance for day 3

Day 3

  • Recap & Post-reconnaissance/planning
  • Maintaining your foothold & actions once inside
  • Detection avoidance
  • Advanced exploitation techniques (escalation/pivoting/tunneling)

Day 4 & 5 (Optional)

Network exploitation, advanced sessions performed in a simulation environment.


The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.

The five-day course will be held on:

12 - 16 March 2018
25 - 29 June 2018, Amsterdam
12 - 16 November 2018


The costs are € 2,500 ex VAT. Catering (lunch) and course materials are included in the price.

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 18 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


'The course covers all aspects of the security triad, is very hands-on, challenging and cool'
Participant 2017

'Great focus on practical applications'
Participant 2016 


Until four weeks before the start of the course you can cancel free of costs or writing your participation oppose to another date. Cancellation within four weeks before the start of the course you will owe the full registration fee. If you are unable to attend, a colleague can participate at no additional cost. We would appreciate it if you bring them to us in good time.

We reserve the right at any time to cancel the course or move to insufficient enrollment. You will be informed in due time.


Ari Davies

Ari Davies


Ari is Director at Deloitte Cyber Risk Services and has over 12 years of information security and ethical hacking experience. He is an experienced penetration testing consultant and engagement manager... Meer

Hugo van den Toorn

Hugo van den Toorn

Senior Consultant

I am Junior Manager with Deloitte Risk Advisory. Within Deloitte, I’m part of both the Red Teaming Operations and the Phishing as a Service teams within Cyber Vigilance. As such, I performed many secu... Meer