Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Penetration Testing Azure for Ethical Hackers
  • Table Of Contents Toc
Penetration Testing Azure for Ethical Hackers

Penetration Testing Azure for Ethical Hackers

By : David Okeyode, Karl Fosaaen
4.9 (10)
close
close
Penetration Testing Azure for Ethical Hackers

Penetration Testing Azure for Ethical Hackers

4.9 (10)
By: David Okeyode, Karl Fosaaen

Overview of this book

“If you’re looking for this book, you need it.” — 5* Amazon Review Curious about how safe Azure really is? Put your knowledge to work with this practical guide to penetration testing. This book offers a no-faff, hands-on approach to exploring Azure penetration testing methodologies, which will get up and running in no time with the help of real-world examples, scripts, and ready-to-use source code. As you learn about the Microsoft Azure platform and understand how hackers can attack resources hosted in the Azure cloud, you'll find out how to protect your environment by identifying vulnerabilities, along with extending your pentesting tools and capabilities. First, you’ll be taken through the prerequisites for pentesting Azure and shown how to set up a pentesting lab. You'll then simulate attacks on Azure assets such as web applications and virtual machines from anonymous and authenticated perspectives. In the later chapters, you'll learn about the opportunities for privilege escalation in Azure tenants and ways in which an attacker can create persistent access to an environment. By the end of this book, you'll be able to leverage your ethical hacking skills to identify and implement different tools and techniques to perform successful penetration tests on your own Azure infrastructure.
Table of Contents (12 chapters)
close
close
1
Section 1: Understanding the Azure Platform and Architecture
5
Section 2: Authenticated Access to Azure

Preface

Welcome to Penetration Testing Azure for Ethical Hackers. This book will cover a wide variety of techniques and attacks that you can use during a penetration test of an Azure environment. Whether you're a seasoned penetration tester who's looking to get an edge in the cloud space or someone who's just getting into the penetration testing space, this book should have valuable information for you.

We will start the book with an introduction to Azure services and the overall architecture of the platform. This first section will cover common services that are used during penetration tests, and the services that support them. This is where we will set the foundation for the rest of the attacks in the book, as attacks typically make use of the architecture and configuration of these services, in contrast with more traditional protocol and code-related penetration testing attacks.

Then, we will cover how you can create and configure a vulnerable test environment in order to follow the exercises in the book. For those who have experience building and maintaining subscriptions, this may be a refresher chapter, but keep in mind that this initial information will inform the rest of the content in the book.

The middle section of the book will cover the attacks and techniques that you will use during a penetration test. The utility of specific attacks in this section will vary for you, as you may not run into all of the services and configurations that we cover during a normal penetration test. As penetration testers who have been in hundreds of Azure subscriptions, we hopefully will be able to give you a good idea of the core services that companies are using, along with the services that are vulnerable to exploits.

For the attacks sections, we will break down the individual attacks by the level of subscription permissions (Reader, Contributor, and so on) and the available attacks for the individual services with those permissions. Since different permissions will allow for different attacks, we'll start with the more basic read-only attacks and move toward more advanced (greater permissions) attacks.

The final chapter of the book focuses on persistence in an Azure environment. During a penetration test, you may find yourself in a situation where you need to maintain access to certain sections of an Azure environment. We will review multiple techniques to hide in an Azure environment.

Thank you for purchasing Penetration Testing Azure for Ethical Hackers!

Hack responsibly and good luck!

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Penetration Testing Azure for Ethical Hackers
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon