Book Image

Penetration Testing Azure for Ethical Hackers

By : David Okeyode, Karl Fosaaen
Book Image

Penetration Testing Azure for Ethical Hackers

By: David Okeyode, Karl Fosaaen

Overview of this book

“If you’re looking for this book, you need it.” — 5* Amazon Review Curious about how safe Azure really is? Put your knowledge to work with this practical guide to penetration testing. This book offers a no-faff, hands-on approach to exploring Azure penetration testing methodologies, which will get up and running in no time with the help of real-world examples, scripts, and ready-to-use source code. As you learn about the Microsoft Azure platform and understand how hackers can attack resources hosted in the Azure cloud, you'll find out how to protect your environment by identifying vulnerabilities, along with extending your pentesting tools and capabilities. First, you’ll be taken through the prerequisites for pentesting Azure and shown how to set up a pentesting lab. You'll then simulate attacks on Azure assets such as web applications and virtual machines from anonymous and authenticated perspectives. In the later chapters, you'll learn about the opportunities for privilege escalation in Azure tenants and ways in which an attacker can create persistent access to an environment. By the end of this book, you'll be able to leverage your ethical hacking skills to identify and implement different tools and techniques to perform successful penetration tests on your own Azure infrastructure.
Table of Contents (12 chapters)
1
Section 1: Understanding the Azure Platform and Architecture
5
Section 2: Authenticated Access to Azure

Preparing for Contributor (PaaS) exploit scenarios

To follow along with the exercises in this chapter, you will need to set up a user with Contributor permissions and some vulnerable workload configurations in your own Azure subscription. As in previous chapters, we have automated this using a PowerShell script that you can run from Azure Cloud Shell. Before proceeding, ensure that you have run the clean-up scripts to remove resources from previous chapters. This will help us avoid any script execution exceptions.

Here are the tasks that we will complete in this exercise:

  • Task 1: Create a test user account with Contributor privileges.
  • Task 2: Deploy vulnerable workloads for all the scenarios.

Let's get started:

  1. Open a web browser and browse to the Azure portal at https://portal.azure.com. Sign in with your azureadmin credentials.
  2. In the Azure portal, click on the Cloud Shell icon in the top-right corner. Select PowerShell:

    Figure 6.1 –...