Azure Penetration Testing Specialist

In-person

1. Intro to Azure

2. Intro to Azure services

3. Different ways to interact with Azure

4. Tenant availability and gathering tenant information

5. Azure subdomains recon

6. Enumerating services

7. User enumeration

8. Password spraying

9. Consent phishing

10. Device Code Phishing

11. Adversary in the Middle

12. Bypassing MFA

13. Understanding conditional access

14. Bypassing conditional access

15. Understanding different token types

16. Where to look for tokens

17. How can different tokens be used and abused

18. Understanding Entra ID roles and permissions

19. Understanding users, groups and service principles

20. Abusing external collaboration for persistence

21. Abusing service principles for persistence

22. Understanding storage types

23. Storage enumeration

24. Connecting to containers and blobs

25. Connecting to storage accounts

26. Understanding automation accounts

27. Understanding runbooks

28. Finding and decoding secrets

29. Persistence with automation accounts

30. Abusing disk snapshots

31. Abusing run commands

32. Abusing IMDS

33. Abusing key vault policies

34. Abusing key vault RBAC

35. Retrieving secrets from key vaults

36. Container lifecycle

37. Registry anonymous access

38. Registry admin access

39. Inspecting images