Webcast: Getting Started in Pentesting The Cloud: Azure
In this Black Hills Information Security (BHIS) webcast, you will learn tools and techniques for performing penetration tests against Microsoft Azure environments.

More and more organizations are migrating resources to the cloud. With this comes a greater potential for misconfiguration if there isn’t a solid understanding of the attack surface. While there are many similarities between traditional on-premises pentesting and cloud-based pentesting, the latter is an animal of its own. This webcast attempts to clear up some of the fogginess around cloud-based pentesting, specific to Microsoft Azure environments, including Microsoft 365.

To adequately determine the attack surface, the appropriate coverage areas are highlighted. The differences between Azure resources and Microsoft 365 can often be confusing, but knowing them is key to pivoting and escalating privileges. Conditional access policies are great for defining the scenarios in which users can authenticate securely, but they can also be misconfigured. There are security protections for stopping certain password attacks, but some of these can be bypassed. Ultimately, this talk presents a methodology for testing Azure environments along with the tools and techniques to do so.

00:00 – FEATURE PRESENTATION: Getting Started in Pentesting the Cloud – Azure

02:32 – WHOAMI (https://www.nobandwidth.io)

03:20 – Talk Roadmap

05:33 – Why Azure?

08:06 – Identifying Attack Surface

12:50 – Recon & External Attacks

19:31 – Password Attacks

21:37 – Password Protection & Smart Lockout

23:05 – Authentication

26:52 – Conditional Access Policies & MFA

34:11 – Post Compromise

36:46 – Command Line Access

37:40 – LINK: CloudPentest Cheatsheets: https://github.com/dafthack/CloudPentestCheatsheets

37:53 – Azure Subscription Hierarchy

41:31 – Resource Specific Issues

41:55 – Serverless Environment Variables

48:59 – Leveraging Scanning Tools

51:11 – Key Takeaways

52:37 – PostShow Banter™ — They Got Questions, Beau

Join us on the BLACK HILLS INFOSEC Discord server for interaction with Beau and your fellow attendees: https://discord.gg/bhis
