Red Teaming Operations (RTO)

From gaining physical access to digitally exploiting systems without being noticed.

Hacking is not exclusive to cyberspace, but can also be done in the physical world. How are these attacks performed? From gaining physical access to digitally exploiting systems without being noticed once you are in.

18 - 22 March 2019 | Amsterdam

Course objectives

Tactical Network Exploitation

What happens once an attacker gains an initial foothold into your organisation? During the additional two days of training, we will focus on tactical network exploitation techniques. You will learn about lateral movement within a corporate network, privilege escalation, pivoting techniques, tunnelling and detection avoidance. You will practise everything on a simulated corporate network, which contains everything you might expect in a real corporate network.


Target group

  • Security managers
  • Application developers
  • IT professionals
  • IT auditors with interest in vulnerability assessment and hacking

A condition for participation in covert ops is that participants allready followed Hacklab : hands on hacking.

If you are interested in this course please send an e-mail to nlacademy@deloitte.nl. Due to the nature of the information that is used during this course, it is not open to all applicants. Please send your request via e-mail address above, and you will be informed accordingly.


Course outline

Day 1

  • Introduction to covert operations, backgrounds & trends
  • Legal background of covert operations & planning the engagement
  • Social engineering introduction & gaining physical entry
  • Hands-on: role play/assignment

Day 2

  • Recap & Offensive hacking
  • Exploitation theory
  • Capture the Flag (CTF) challenge
  • Hands-on: Reconnaissance for day 3

Day 3

  • Recap & Post-reconnaissance/planning
  • Maintaining your foothold & actions once inside
  • Detection avoidance
  • Advanced exploitation techniques (escalation/pivoting/tunneling)

Day 4 & 5 

  • Network exploitation, advanced sessions performed in a simulation environment.


'The practical hands-on of the course is really nice. Putting theory into practice throughout the course'

'Experienced facilitators providing good guidance, good location, well organized'

'Good redteam introduction, covering both OSINT, SE and technical attacks'

Date & location

18 - 22 March 2019

24 - 28 June 2019
The Hague

11 - 15 November 2019

The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.


The costs are € 2.500 ex VAT. Catering (lunch) and course materials are included in the price. 

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 30 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


Until four weeks before the start of the course you can cancel free of costs or by email your participation oppose to another date. Cancellation within four weeks before the start of the course you will owe the full registration fee. If you are unable to attend, a colleague can participate at no additional cost. We would appreciate it if you bring them to us in good time.

We reserve the right at any time to cancel the course or move to insufficient enrollment. You will be informed in due time.


Ari Davies

Ari Davies


Ari is Director at Deloitte Cyber Risk Services and has over 12 years of information security and ethical hacking experience. He is an experienced penetration testing consultant and engagement manager... Meer