
Sync Azure AD with On-Prem Server
Start-ADSyncSyncCycle -PolicyType Delta
SSO relies on Kerberos and therefore has the same flaws. If the AZUREADSSOACC$ account is compromised, an attacker can create service tickets to impersonate any user who has MFA disabled in Azure AD. This technique is also known as a Silver Ticket.
Silver tickets can be created using mimikatz. In order to do so, the following parameters are required:
Username of the user to impersonate.
Domain name.
NTLM hash of the AZUREADSSOACC$ account.
SID of the user to impersonate.
Target service, which is HTTP/aadg.windows.net.nsatc.net.
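A defender-side check for the exposure described above, added here as an example and not part of the original notes: it reports how old the AZUREADSSOACC$ key is and which principals hold the replication rights that DCSync needs to read its hash. It assumes the RSAT ActiveDirectory module and read access to the domain; the 30-day threshold is an assumption based on Microsoft's recommended rollover interval for this key.

```powershell
# Added example, not from the original page.
Import-Module ActiveDirectory

$MaxKeyAgeDays = 30   # assumption: Microsoft's recommended rollover interval

# 1. Age of the AZUREADSSOACC$ secret. A ticket forged from a stolen hash
#    keeps working until this password (the Kerberos decryption key) changes.
$sso     = Get-ADComputer -Identity 'AZUREADSSOACC' -Properties PasswordLastSet
$ageDays = [int]((Get-Date) - $sso.PasswordLastSet).TotalDays
[pscustomobject]@{
    Account         = $sso.SamAccountName
    PasswordLastSet = $sso.PasswordLastSet
    AgeDays         = $ageDays
    RolloverOverdue = $ageDays -gt $MaxKeyAgeDays
}

# 2. Principals able to replicate secrets from the domain (DCSync), and
#    therefore able to read that hash. Both extended rights are required;
#    an ACE with an empty ObjectType GUID grants every extended right.
$getChanges    = [guid]'1131f6aa-9c07-11d1-f79f-00c04fc2dcd2'  # DS-Replication-Get-Changes
$getChangesAll = [guid]'1131f6ad-9c07-11d1-f79f-00c04fc2dcd2'  # DS-Replication-Get-Changes-All
$extendedRight = [System.DirectoryServices.ActiveDirectoryRights]::ExtendedRight

$domainDn = (Get-ADDomain).DistinguishedName
(Get-Acl -Path "AD:\$domainDn").Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($_.ActiveDirectoryRights -band $extendedRight)
    } |
    Group-Object -Property IdentityReference |
    ForEach-Object {
        $types   = $_.Group.ObjectType
        $hasAll  = $types -contains [guid]::Empty
        $hasBoth = ($types -contains $getChanges) -and ($types -contains $getChangesAll)
        if ($hasAll -or $hasBoth) {
            [pscustomobject]@{
                Principal = $_.Name
                Via       = if ($hasAll) { 'All extended rights' } else { 'Replication rights' }
            }
        }
    }
```

Any principal in the second list that is not a domain controller or the Azure AD Connect service account deserves review, as does a `RolloverOverdue` value of `True`.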
Disable AMSI
dcsync
The KRBTGT account is a local default account that acts as a service account for the Key Distribution Center (KDC) service. It is created automatically when a new domain is created. It cannot be deleted, its name cannot be changed, and it cannot be enabled.
The Intro To Azure Pentesting Course - Cloud Pentesting Course is designed for security professionals looking to start testing how secure a company is in Azure Active Directory (AD). The course covers the following phases of Azure pentesting:
Recon: gathering information on the company infrastructure and its employees.
Initial access: getting access to the system via phishing or any other way.
Enumeration: enumerating the company's infrastructure from the inside by gathering all the groups, users, systems and more.
Privilege Escalation: escalating our privileges by looking at common misconfigurations and exploitation.
Lateral Movement: moving from one system to another one.
What is Azure?
The Azure cloud platform is more than 200 products and cloud services designed to help you bring new solutions to life—to solve today’s challenges and create the future. Build, run, and manage applications across multiple clouds, on-premises, and at the edge, with the tools and frameworks of your choice.
Learn to abuse Azure AD and a number of the services it offers, and cover multiple complex attack lifecycles against a lab containing a live Azure tenant.
Introduction to Azure AD pentesting takes a deep dive into analyzing and exploiting Enterprise Apps, App Services, Logic Apps, Function Apps, Unsecured Storage, Phishing, and Consent Grant Attacks.
The course will also demonstrate how to enumerate Storage Accounts, Key Vaults, Blobs, Automation Accounts, Deployment Templates, and more.
Prerequisites
1. Basic understanding of Azure AD is desired but not mandatory.
2. Privileges to disable/change any antivirus or firewall.