# Assume Breach Execution Cycle

<figure><img src="https://3181773753-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQM6Nvhjy1iXnnp3fuEU6%2Fuploads%2FuDRUWSlTsuPOywsHVteV%2Fimage.png?alt=media&#x26;token=353d8ce4-c6a2-41ef-8f17-555eca4dadd9" alt="CRTP - Assume Breach"><figcaption></figcaption></figure>

CRTP Lab uses the methodology "Assume Breach", they provide us with a user account with low-level privileges, and the focus of the exam is after the **Initial Comprise** phase.&#x20;

No phishing, no exploits, no CVEs - Let's Live Of The Land while breaching ADs.

#### Initial Access Granted

Upon starting the CRTP Lab's challenge, a low-level user account is already compromised. With the Initial Compromise phase out of the way, the real test of skill begins.

#### Mission Objective: Privilege Escalation

Using only native tools and resources, our task is to escalate privileges within the Active Directory environment. This environment mimics real-world networks, requiring careful maneuvering and a deep understanding of AD

{% embed url="<https://digitalocean.pxf.io/c/3259613/1373783/15890>" %}

{% embed url="<https://cli-ck.me/buy-nessus>" %}