🎯 I Spent $99 on 12 Cybersecurity Certifications - Here’s the Honest Truth About cyberwarfare labs

I bought the CWL Cybersecurity All-Rounder Edition for $99, which includes 12 certifications. For courses that include labs, you get 30 days of lab access starting from when you activate the course, not lifetime access.

At first glance, it looks like an amazing deal, and for the price, it’s definitely not bad. That said, it’s not “the best”

The platform is mainly video-focused. If you enjoy watching training videos and following guided labs, you’ll probably like it. However, it’s not comparable to TryHackMe or Hack The Box in terms of hands-on experience.

The labs are mostly walkthrough-style and don’t offer the same level of challenge or realism. You’re following steps rather than actively figuring things out on your own. So if your goal is deep, practical, hands-on cybersecurity practice, this may feel limited.

🤔 The "Wait, This Can't Be Real" Moment

So, there I was, browsing through cybersecurity training platforms-as one does at 2:00 am-when I came upon this bundle. 12 certifications for $99. My first thought? "This is either a scam or the courses are garbage."

Let's be real-most single certifications cost more than my monthly coffee budget. OSCP is $1,600. SANS courses? Don't even get me started. So naturally, I was skeptical.

But here's the thing: I'd heard good things about CWL's CRTA certification from some folks in the red team community. People were saying it was at least practical not just memorizing port numbers like it's 2005.

So I said "screw it" and spent the $99. Worst case, I'd waste the price of a decent dinner. Best case, I'd learn something useful.

Spoiler: In case your goal is learning and not some industry recognition or HR value. The platform is not really well optimized, and these are not really recognized certifications; it serves its purpose as a learning resource, though.

📚 The Full Breakdown (Buckle Up, This Is Long)

1. Multi-Cloud Red Team Analyst (MCRTA) ☁️🔴

The Pitch: Learn to hack AWS, Azure, and GCP
The Reality: You're actually going to hack AWS, Azure, and GCP

Okay, so cloud security is hot right now. Everyone and their dog is moving to the cloud, which means there's a ton of misconfigured S3 buckets, overly permissive IAM roles, and exposed storage accounts just waiting to be exploited.

MCRTA throws you into a lab with 30+ challenges across AWS, Azure, and GCP. You'll do OSINT to find credentials (because apparently companies love leaving API keys in GitHub repos), enumerate cloud services with CLI tools, and chain together misconfigurations to escalate privileges.

What I Liked:

• The lab is actually realistic. It's not some toy environment it's a multi-cloud setup that mirrors what you'd see in a real enterprise.
• You learn to think in terms of cloud attack paths, not just individual vulnerabilities.
• 24x7 lab access means I could hack at 3 AM in my pajamas (which I absolutely did).

What Could Be Better:

• Getting initial access involved a first step that was common to all and involved nothing more than basic knowledge about clouds. I will not divulge further details here (no spoilers 😄).

Real Talk: If you're trying to break into cloud security or you're a pentester who still thinks "the cloud" is just someone else's computer, do this course. It's beginner-friendly but still challenging enough to keep you engaged.

Rating: ⭐⭐⭐⭐⭐ (5/5) - Absolutely worth it.

2. Certified Red Team Analyst (CRTA) 🎯🔴

The Pitch: Become an Active Directory hacking machine
The Reality: You'll spend 6 hours in a VPN-connected lab trying not to panic

Alright, let's talk about the elephant in the room: CRTA is hard. Not "I need to Google a few things" hard. More like "I've been staring at BloodHound for 2 hours and I still can't find the path to Domain Admin" hard.

The exam is 6 hours long. You connect via VPN to a full Active Directory environment and you need to capture flags by exploiting your way from external access to full domain compromise. It's like OSCP but focused entirely on AD.

What I Liked:

• This is definitely one of the more useful AD cert exams I’ve done. No multiple choice, no memorizing, just you, a Kali box, and an domain controller to pwn.
• At first, it can be a tad confusing, but once the concepts fall into place, you can easily complete the task.
• The course videos are actually good. They walk you through real attack chains: Kerberoasting, AS-REP Roasting, Golden Tickets, the whole nine yards.
• You get 2 exam attempts, which is clutch because I definitely needed both (no shame).

What Could Be Better:

• The exam slots are released every Monday, so you might have to wait a bit to schedule.
• The lab can be a bit unstable sometimes.

Real Talk: If you work in enterprise security or you want to be a red teamer, CRTA is essential. Active Directory is everywhere, and this cert proves you can actually exploit it, not just talk about it.

Rating: ⭐⭐⭐⭐⭐ (5/5) - Challenging but absolutely worth it.

3. Multi-Cloud Blue Team Analyst (MCBTA) ☁️🔵

The Pitch: Learn to defend cloud environments
The Reality: You're basically a cloud SOC analyst now

Here's the thing about blue team training: it's rare. Most courses focus on offense because, let's be honest, hacking is cooler than monitoring logs. But MCBTA actually teaches you how to defend cloud environments, which is a skill that's in insane demand right now.

You get access to a full ELK Stack SIEM that's ingesting logs from AWS, Azure, and GCP. Then you investigate 15+ breach scenarios-stuff like credential theft, privilege escalation, and data exfiltration.

What I Liked:

• You work with a full ELK Stack SIEM, using KQL to query cloud logs.
• The breach scenarios are realistic. You're not just looking for obvious IOCs—you're correlating events across multiple log sources.
• This course made me realize how noisy cloud environments are. There's so much telemetry that you need to know what to look for.

What Could Be Better:

• The SIEM setup is pre-configured, so you don't learn how to deploy it yourself. Would've been cool to build it from scratch.

Real Talk: If you're a SOC analyst or you want to transition to cloud security, this is gold. Most blue teamers don't understand cloud, and most cloud people don't understand SOC work. MCBTA bridges that gap.

Rating: ⭐⭐⭐⭐☆ (4/5) - Underrated gem.

4. Certified Red Team Infra Dev (CRT-ID) 🏗️🔴

The Pitch: Build red team infrastructure like a pro
The Reality: You'll finally understand what "OPSEC" actually means

Most red teamers focus on exploitation and completely neglect infrastructure. Then they wonder why their C2 server gets blocked 5 minutes into an engagement.

CRT-ID teaches you to build resilient, stealthy infrastructure using redirectors, domain fronting, and cloud services. You'll set up Apache mod_rewrite rules, configure Nginx reverse proxies, and use Cloudflare Workers to hide your C2 traffic.

What I Liked:

• It challenges you to think about infrastructure from a defensive standpoint - “How would a blue teamer detect this?
• It also helps you build red team infrastructure that’s useful for CTFs.

What Could Be Better:

• The certification is quiz-based, not practical. I would've loved a hands-on exam where you build infrastructure under time pressure.

Real Talk: If you're serious about red teaming, this course is a must. Infrastructure is the difference between a junior pentester and a senior red teamer.

Rating: ⭐⭐⭐☆☆ (3/5) - Good.

5. Kubernetes Red Team Analyst (K8s-RTA) ☸️🔴

The Pitch: Hack Kubernetes clusters
The Reality: You'll realize how insecure most K8s deployments are

Kubernetes is everywhere. And most companies have no idea how to secure it.

K8s-RTA teaches you to exploit RBAC misconfigurations, escape containers, abuse secrets, and pivot from a compromised pod to cluster admin. It's CTF-style challenges in real Kubernetes environments.

What I Liked:

• The labs are realistic. You're not exploiting some ancient CVE - you're abusing misconfigurations that exist in production clusters right now.
• You learn to use tools like kubectl and kubeletctl.
• Container escape techniques are covered in depth. This is the kind of stuff that makes pentest reports spicy.

What Could Be Better:

• you really need to stay vigilant and not overthink things.
• Some challenges are really hard. I spent hours on one step before I realized I was overthinking it.

Real Talk: If you're a pentester or red teamer, you need to know Kubernetes. More and more companies are using it, and most security people have no idea how to attack it.

Rating: ⭐⭐⭐⭐⭐ (5/5) - Essential for modern red teamers.

6. Active Directory Red Team Specialist (AD-RTS) 🏢🔴

The Pitch: Advanced AD attacks including ADCS, Exchange, and ESXi
The Reality: This is CRTA on steroids

If CRTA is "AD 101," then AD-RTS is "AD 401: How to Make Blue Teamers Cry."

This course goes deep on Active Directory Certificate Services (ADCS) exploitation - ESC1 through ESC8 attacks. You'll also exploit Microsoft Exchange (ProxyLogon, ProxyShell) and attack VMware ESXi hypervisors.

The lab is a full enterprise environment with multiple domains, trusts, Certificate Authorities, Exchange servers, and ESXi hosts. It's massive.

What I Liked:

• ADCS exploitation is rarely taught, and it's one of the most powerful attack vectors in AD environments.
• The lab is 30 days, so you have plenty of time to explore.
• You learn advanced Kerberos delegation attacks (Unconstrained, Constrained, RBCD) and NTLM relay techniques.

What Could Be Better:

• This course is dense. There's a lot of content, and it can be overwhelming if you're new to AD.
• Some of the attack chains require multiple steps, and if you miss one, you're stuck. Better documentation would help.

Real Talk: AD-RTS is for people who already know AD basics and want to go deep. If you're a red teamer or pentester who specializes in internal engagements, this is gold.

Rating: ⭐⭐⭐⭐⭐ (5/5) - Advanced but incredible.

7. Blue Team Fundamentals (BTF) 🔵📚

The Pitch: Learn how cyber defense works
The Reality: A solid intro to blue team work

BTF is the "intro to blue team" course. It's beginner-friendly and covers web attacks, network attacks, and host-based attacks from a defender's perspective.

What I Liked:

• Great for people transitioning from red team to blue team (or vice versa).
• You learn to map attacks to defensive solutions and SIEM searches.

What Could Be Better:

• It's a bit basic if you already have SOC experience.
• The exam is quiz based and you need 100% to pass. There’s no feedback on what you got wrong, so be prepared - I needed 5+ attempts before passing. Buckle up.

Real Talk: If you're brand new to blue team work, start here. If you're already a SOC analyst, you can probably skip this.

Rating: ⭐⭐⭐☆☆ (3/5) - Good for beginners.

8. Purple Teaming Fundamentals (PTF) 🟣📚

The Pitch: Learn how red and blue teams collaborate
The Reality: You'll understand why purple teaming is the future

Purple teaming is all about collaboration. Red team simulates attacks, blue team tries to detect them, and everyone learns from the results.

PTF teaches you to design attack simulations, measure detection coverage, and improve security posture through purple team exercises.

What I Liked:

• This is the kind of stuff that actually improves security, not just generates pentest reports.
• You learn to communicate findings between offensive and defensive teams, which is a critical skill.

What Could Be Better:

• The course is a bit theoretical. More hands-on purple team exercises would be great.

Real Talk: If you're a security engineer or consultant, purple teaming is a valuable skill. This course gives you a solid foundation.

Rating: ⭐⭐⭐☆☆ (3/5) - Useful but could be more hands-on.

9. Certified Cybersecurity Specialist All-rounder (C3SA) 🎓🌐

The Pitch: Learn everything about cybersecurity
The Reality: A mile wide, an inch deep

C3SA is the "intro to everything" course. Web exploitation, network attacks, cloud security, OS vulnerabilities, SOC operations—it's all here.

What I Liked:

• Perfect for absolute beginners who don't know where to start.
• Broad exposure to multiple cybersecurity domains.
• Video content and PDFs are decent for foundational learning.

What Could Be Better:

• No labs are involved; everything is in video and PDF format, which is not enough by itself.
• It's highly general. In no subject will you attain the depth.
• The exam is quiz-based, and requires 100% to pass; there’s no feedback on what you got wrong, so expect multiple attempts it took me 3+ tries. Buckle up.

Real Talk: If you're new to cybersecurity, start here. If you already have experience, skip it.

Rating: ⭐⭐⭐☆☆ (3/5) - Great for beginners.

10. Certified Process Injection Analyst (CPIA) 💉🔴

The Pitch: Learn advanced Windows process injection
The Reality: You'll build malware-grade injection tools

Process injection is how malware and red teamers evade detection. CPIA teaches you to perform DLL injection, process hollowing, APC injection, and thread hijacking.

You'll also analyze telemetry (Sysmon, ETW) to understand how defenders detect injection, and you'll build custom injection tools in C/C++.

What I Liked:

• Deep dive into Windows internals (PEB, TEB, VAD). This is the kind of knowledge that separates script kiddies from real operators.
• The course covers both offensive and defensive perspectives.

What Could Be Better:

• There are no labs, it's just lectures and PDFs.
• Some areas appear to be “surface-level” and could benefit from further explanation using examples.
• The exam is based on a quiz system that requires 100% for anyone to pass with no clarification of what score constitutes 100%.

Real Talk: If you're into malware development or red team tooling, this is essential. Process injection is a core technique, and CPIA teaches it better than any other course I've seen.

Rating: ⭐⭐⭐☆☆ (3/5) - Absolute gold for red teamers.

11. Web Red Team Analyst (Web-RTA) 🌐🔴

The Pitch: Master web application security
The Reality: OWASP Top 10 on steroids

Web apps are the #1 attack vector, and Web-RTA teaches you to exploit them like a pro.

You'll learn SQLi, XSS, IDOR, SSRF, XXE, deserialization, file inclusion basically everything in the OWASP Top 10 and WSTG. You'll also learn to chain vulnerabilities for full compromise.

What I Liked:

• The labs are realistic. You're not exploiting some toy app - you're attacking apps that mirror real-world targets.
• You learn to use Burp Suite and OWASP ZAP like a pro.
• The course covers authentication and authorization bypass techniques, which are critical for bug bounty hunting.

What Could Be Better:

• If you've already done PortSwigger Web Security Academy, some of this will feel repetitive.
• The course could use more advanced topics like GraphQL exploitation and API security.

Real Talk: If you're a bug bounty hunter or pentester, you need to know web app security. Web-RTA is a solid course that covers the essentials.

Rating: ⭐⭐⭐⭐⭐ (5/5) - Essential for web security.

12. Certified Red Team – CredOps Infiltrator (CRT-COI) 🔑🔴

The Pitch: Master Windows credential dumping
The Reality: You'll extract credentials from everywhere

Credential theft is the bread and butter of post-exploitation. CRT-COI teaches you to dump credentials from LSASS, SAM, LSA Secrets, WDigest, Kerberos, NTLM, browsers, and registry stores.

You'll also learn DPAPI exploitation and how to build FUD credential dumpers.

What I Liked:

• Comprehensive coverage of Windows credential storage.
• You learn to extract credentials from places most people don't even know exist.
• The course includes guidance on building custom dumpers that evade AV/EDR.

What Could Be Better:

• The certification is quiz-based (100% passing score required), not practical. A hands-on exam would be better.
• Some sections assume you already know Windows internals.

Real Talk: If you're a red teamer or pentester, credential dumping is a must-have skill. CRT-COI teaches it thoroughly.

Rating: ⭐⭐⭐⭐☆ (4/5) - Great content, but quiz-based cert is a letdown.

💰 Let's Talk About Value (Because $99 Is Insane)

Okay, so here's the math:

Certification	Regular Price	CWL Price (Bundle)
MCRTA	$49	Included
CRTA	$99	Included
MCBTA	$49	Included
CRT-ID	$49	Included
K8s-RTA	$49	Included
AD-RTS	$49	Included
BTF	$29	Included
PTF	$29	Included
C3SA	$49	Included
CPIA	$49	Included
Web-RTA	$49	Included
CRT-COI	$49	Included
TOTAL	~$520+	$99

Yeah. You're saving over $400+.

🎯 Who Should Actually Buy This?

✅ You Should Buy This If:

• You're new to cybersecurity and want broad exposure (start with C3SA, BTF, PTF)
• You're a SOC analyst who wants to learn offensive techniques (CRTA, MCRTA, Web-RTA)
• You're a pentester expanding into cloud/AD/K8s (MCRTA, AD-RTS, K8s-RTA)
• You're a red teamer building infrastructure skills (CRT-ID, CPIA, CRT-COI)
• You're a student or career switcher on a budget
• You want hands-on labs with video lectures

❌ You Should Skip This If:

• You're looking for HR-recognized certs (OSCP, CEH, CISSP, Security+, CPTS, eJPT v2 are still king for that)
• You have zero IT knowledge (you'll struggle to start with CompTIA A+ or Network+ first)
• You prefer video-only learning (CWL is lab-heavy, which is great, but not for everyone)
• You need hand-holding (the courses expect you to be self-motivated)

🚀 My Recommended Learning Path

If you just bought the bundle and you're staring at 12 certifications like "WTF do I start with?", here's my advice:

Phase 1: Get Your Bearings (Weeks 1-4)

1. C3SA - Get broad exposure to all domains
2. BTF - Learn how defenders think
3. PTF - Understand red/blue collaboration

Phase 2: Go Offensive (Weeks 5-12)

4. Web-RTA - Master web app security (easiest offensive cert)
5. CRTA - Learn Active Directory attacks (hardest but most valuable)
6. MCRTA - Expand into cloud red teaming

Phase 3: Get Advanced (Weeks 13-20)

7. AD-RTS - Advanced AD, ADCS, Exchange, ESXi
8. K8s-RTA - Kubernetes exploitation
9. CRT-COI - Credential dumping
10. CPIA - Process injection and evasion

Phase 4: Infrastructure & Defense (Weeks 21-24)

11. CRT-ID - Build red team infrastructure
12. MCBTA - Learn cloud defense and SIEM

🔍 The Honest Pros and Cons

✅ What's Actually Good:

• Insane value ($99 for$520+ worth of training)
• 24x7 labs (hack at 3 AM in your pajamas)
• Practical, hands-on (you actually exploit stuff, not just watch videos)
• Real-world labs (mirrors enterprise environments)
• Beginner-friendly (most courses assume zero knowledge)
• Comprehensive (offensive, defensive, cloud, AD, web, containers)

❌ What Could Be Better:

• Not HR-recognized (won't impress recruiters like OSCP or CEH)
• Documentation varies (some PDFs are great, others feel rushed)
• Limited community (smaller than TryHackMe or HackTheBox)
• Some quiz-based certs (CRT-COI, CRT-ID, I prefer hands-on exams)
• No job placement (you're on your own for career stuff)

🏆 Final Verdict: Should You Buy It?

Short answer: Yes, if your goal is learning, not resume signaling.

Long answer: For $99, this is one of the best learning-focused bundles you can buy. The labs (where available) are practical, the content is solid, and the scope is massive. But these certifications are not HR-recognized, some courses are video/PDF-only, and several exams are quiz-based with 100% required and no feedback.

If you go in with the right expectations, the value is undeniable.

Is it perfect? No. The documentation & some exam methods could be better, the community is smaller, and the certs aren't as recognized as OSCP. But for $99? You'd be crazy not to buy it.

My Recommendation:

• Beginners: Buy it. Start with C3SA, BTF, and PTF. Work your way up.
• SOC Analysts: Buy it. Do MCBTA, CRTA, and MCRTA to learn offensive techniques.
• Pentesters: Buy it. AD-RTS, K8s-RTA, and CRT-ID will level up your skills.
• Red Teamers: Buy it. CPIA, CRT-COI, and CRT-ID are gold.
• Career Switchers: Buy it. Build a portfolio of certs without going broke.

Overall Rating: ⭐⭐⭐⭐☆ (4/5)

Now if you'll excuse me, I have 3 more certifications to finish. 🛡️

Happy hacking, and I'll see you in the labs. 🔥

Review by: 4nuxd
Date: 11 January 2026
Certifications Completed: 12/12 (and counting)