0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Penetration Testing Azure for Ethical Hackers

You're reading from Penetration Testing Azure for Ethical Hackers Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781839212932

Length 352 pages

Edition 1st Edition

Tools

Azure

Concepts

Penetration Testing

Authors (2):

David Okeyode

Karl Fosaaen

View More author details

Table of Contents (12) Chapters

Preface

1. Section 1: Understanding the Azure Platform and Architecture

2. Chapter 1: Azure Platform and Architecture Overview FREE CHAPTER

3. Chapter 2: Building Your Own Environment

4. Chapter 3: Finding Azure Services and Vulnerabilities

5. Section 2: Authenticated Access to Azure

6. Chapter 4: Exploiting Reader Permissions

7. Chapter 5: Exploiting Contributor Permissions on IaaS Services

8. Chapter 6: Exploiting Contributor Permissions on PaaS Services

9. Chapter 7: Exploiting Owner and Privileged Azure AD Role Permissions

10. Chapter 8: Persisting in Azure Environments

11. Other Books You May Enjoy

Preparing for the Reader exploit scenarios

This hands-on exercise will prepare us for the rest of the exercises in this chapter. To follow along with the scenarios that we will cover in this chapter, you will need to set up a user with Reader permissions and some vulnerable workload configurations in your own Azure subscription. We have automated this process using a PowerShell script that you can run from Azure Cloud Shell.

Here's how we will complete this exercise:

Open a web browser and browse to the Azure portal at https://portal.azure.com. Sign in with the azureadmin credentials.
In the Azure portal, click on the Cloud Shell icon in the top-left corner. Select PowerShell:
Figure 4.1 – Azure Cloud Shell icon
In the PowerShell session within the Cloud Shell pane, run the following command to download a script to create a user account with Reader permissions and set up the required vulnerable workloads:
```
PS C:\> Invoke-WebRequest http://bit.ly/reader...
```

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

David Okeyode

David Okeyode

David Okeyode is the EMEA chief technology officer for Azure at Palo Alto Networks. Before that, he was an independent consultant helping companies secure their Azure environments through private expert-level training and assessments. He has authored three books on Azure security – Penetration Testing Azure for Ethical Hackers, Microsoft Azure Security Technologies Certification and Beyond, and Designing and Implementing Microsoft Azure Networking Solutions. He has also authored multiple cloud computing courses for the popular training platform LinkedIn Learning. He holds over 15 cloud certifications across Azure and AWS platforms, including the Azure Security Engineer, Azure DevOps, and AWS Security Specialist certifications. David is married to a lovely girl who makes the best banana cake in the world. They love traveling the world together!

See other products by David Okeyode

Fosaaen

Fosaaen

As a Practice Director at NetSPI, Karl leads the Cloud Penetration Testing service line and oversees NetSPI's Portland, OR office. Karl holds a BS in Computer Science from the University of Minnesota and has over a decade of consulting experience in the computer security industry. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit on GitHub to house many of the PowerShell tools that he uses for testing Azure.

See other products by Fosaaen

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m