HackLab: Red Teaming Operations (RTO)

Gaining covert physical access and exploiting digital systems undetected: welcome to the world of Red Teaming Operations.

Hacking is not exclusive to cyberspace, but can also pertain to the physical world. How are such attacks performed? What tactics and techniques do adversaries use to gain physical access without being noticed and exploit digital systems once they are in?

9 - 13 November 2020

Important information and requirements

If you are interested in this course please send an e-mail to nlacademy@deloitte.nl. Due to the nature of the information that is used during this course, it is not open to all applicants. Please send your request via the e-mail address above, and you will be informed accordingly.

A laptop with virtualization enabled is required (e.g. pre-installed VMware/VirtualBox and a Kali Linux virtual machine). Please send an e-mail to nlacademy@deloitte.nl if you are not able to bring your own laptop so we can provide one for the entire duration of the course.

Course objectives

The Red Teaming Operations course will offer you an unique perspective on how to employ offensive hacking techniques to emulate real world threats against physical and technological environments within an organisation to test resilience and awareness.

You will learn about techniques to infiltrate secure locations of an organization, access their computer network, perform lateral movement in the network, privilege escalation, tunnelling and detection avoidance.


Course outline

Introduction to Red Teaming Operations (RTO) - Day 1 / 2 / 3

  • During the Introduction to Red Teaming Operations (RTO) we will focus on methodologies and planning that are required to perform a succesful Red Teaming operation. We will run a number of practical exercises focused on boosting your skillset in open source intelligence (OSINT), reconnaissance, social engineering and exploitation of physical security weaknesses.

Tactical Network Exploitation (TNE) - Day 4 / 5 

  • What happens once an attacker gains an initial foothold into your organisation? During the last two days of training, we will focus on tactical network exploitation techniques. You will practice what you learned in a simulated network, which contains everything you might expect in a real corporate network, trying to achieve a set of realistic objectives while avoiding detection.

    Pre-requirements for day 4 & 5:
  • Practical hacking experience (e.g. HackLab: Hands-On Hacking, OSCP, GPEN, etc.);
  • Knowledge of Linux and computer networking.



The costs are €1750 ex VAT for the 3-day Introduction to Red Teaming Operations (RTO) course.

The costs are €1250 ex VAT for the 2-day Technical Network Exploitation (TNE) course.

The full 5-day course is offered at a discounted price of €2500 ex VAT.

Catering is included in the price.


'The practical hands-on of the course is really nice. Putting theory into practice throughout the course'

'Experienced facilitators providing good guidance, good location, well organized'

'Good redteam introduction, covering both OSINT, SE and technical attacks'

Date & location

9 - 13 November 2020
Location will be announced one month prior to the training.

The course starts at 9.00 a.m. and ends at 5.00 p.m.

Target group

The course is designed for professionals in the cyber and risk management field who are looking to strengthen their expertise on scenario-based adversarial simulations. You could also be an application developer, security engineer or IT professional with a broad interest in hacking.


The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 30 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


Until four weeks before the start of the course you may cancel your participation by email free of charge, or you may propose to attend on another date. Should you cancel within four weeks before the start of the course you will have to pay the full course fee.

In the event of insufficient participants we reserve the right to cancel the course at any time or move the date of the event. If so, you will be informed in due time.


Karel de Zoete

Karel de Zoete

Senior Consultant

Within Deloitte Cyber Risk Services I’m focusing on Strategy, Risk Management and Transformations. I have a previous background in the banking and financial services industry, as well as public sector... More

Peter van Bolhuis

Peter van Bolhuis

Junior Manager

Within Deloitte Cyber Risk Services, I focus on offensive security. I am an experienced Red Teamer and network specialist, currently active in performing advanced network exploitation attacks. I have ... More