0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Penetration Testing Azure for Ethical Hackers

You're reading from Penetration Testing Azure for Ethical Hackers Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

Product type Paperback

Published in Nov 2021

Publisher Packt

ISBN-13 9781839212932

Length 352 pages

Edition 1st Edition

Tools

Azure

Concepts

Penetration Testing

Authors (2):

David Okeyode

Karl Fosaaen

View More author details

Table of Contents (12) Chapters

Preface

1. Section 1: Understanding the Azure Platform and Architecture

2. Chapter 1: Azure Platform and Architecture Overview FREE CHAPTER

3. Chapter 2: Building Your Own Environment

4. Chapter 3: Finding Azure Services and Vulnerabilities

5. Section 2: Authenticated Access to Azure

6. Chapter 4: Exploiting Reader Permissions

7. Chapter 5: Exploiting Contributor Permissions on IaaS Services

8. Chapter 6: Exploiting Contributor Permissions on PaaS Services

9. Chapter 7: Exploiting Owner and Privileged Azure AD Role Permissions

10. Chapter 8: Persisting in Azure Environments

11. Other Books You May Enjoy

Attacking storage accounts

Azure storage accounts are the primary data storage solution in Azure. Other Azure services, such as App Service and Container Registry, rely on it for data storage in the backend. The solution itself offers five services that can be used to store different datasets, including unstructured application data objects (Azure Blob Storage), semi-structured application data in a NoSQL store (Azure Table Storage), managed file shares in the cloud (Azure Files), a messaging store for reliable messaging (Azure Queue Storage), and a data lake for big data workloads (Azure Data Lake Storage Gen2). As you can imagine, this service is a prime target for attackers! For our purposes in this chapter, we will focus on Azure Blob Storage and Azure Files:

Figure 6.6 – Azure Storage

The Contributor role has permissions to read and modify any configuration on the management plane of this service (except for assigning permissions to other users...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

David Okeyode

David Okeyode

David Okeyode is the EMEA chief technology officer for Azure at Palo Alto Networks. Before that, he was an independent consultant helping companies secure their Azure environments through private expert-level training and assessments. He has authored three books on Azure security – Penetration Testing Azure for Ethical Hackers, Microsoft Azure Security Technologies Certification and Beyond, and Designing and Implementing Microsoft Azure Networking Solutions. He has also authored multiple cloud computing courses for the popular training platform LinkedIn Learning. He holds over 15 cloud certifications across Azure and AWS platforms, including the Azure Security Engineer, Azure DevOps, and AWS Security Specialist certifications. David is married to a lovely girl who makes the best banana cake in the world. They love traveling the world together!

See other products by David Okeyode

Fosaaen

Fosaaen

As a Practice Director at NetSPI, Karl leads the Cloud Penetration Testing service line and oversees NetSPI's Portland, OR office. Karl holds a BS in Computer Science from the University of Minnesota and has over a decade of consulting experience in the computer security industry. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit on GitHub to house many of the PowerShell tools that he uses for testing Azure.

See other products by Fosaaen

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m