Chirag Savla
Senior Cloud Security Engineer, White Knight Labs
Raunak Parmar
Senior Cloud Security Engineer, White Knight Labs

Name of Training:

Offensive Azure Operations & Tactics

A full description of the training:

This comprehensive Offensive Azure Operations & Tactics course provides a deep dive into Azure's infrastructure and security landscape. Participants will explore modules covering Azure infrastructure, enumeration techniques, and initial access strategies, including phishing methods, abusing reader roles, misconfigurations, and exploiting Azure services. The course extends into post-exploitation techniques, pivoting between cloud and on-premises environments, compromising Azure Kubernetes Service (AKS), compromising devices using Microsoft Intune, Entra ID Connect features, leveraging Azure services for persistence, conducting Azure configuration assessments, and utilizing automation tools for security checks. This hands-on course equips participants with practical insights and skills crucial for identifying and exploiting Azure components.

KEY TAKEAWAYS:

  • Acquire practical skills in attacking Azure Cloud through hands-on experience.
  • Learn several ways to gain initial access and abuse Azure services.
  • Understand the hybrid infrastructure and how the relationship between cloud and on-prem can be abused.

Outline of the Class

Day 1:

Introduction to Azure/Entra ID

  • Entra ID Components
  • Azure Services
  • Azure Intune
  • Office/Microsoft 365
  • Authentication & Authorization Methods
  • Maze of Azure Tokens

Azure Access Controls

  • Role-Based Access Control
  • Attribute-Based Access Control
  • Management Plane & Data Plane
  • Key Vault Access Policy

Enumeration Approach

  • Unauthenticated & Authenticated Enumeration
  • Automated Enumeration
  • Manual Approach with Custom Scripts
  • Glimpse of Security Controls

Gaining Initial Foothold

  • Phishing Techniques
  • Exposed Services
    • Storage Accounts
    • Function Apps
    • App Service
    • Logic Apps
    • K8s
  • Exposed Credentials
  • Password Spray Attacks

Post Exploitation & Lateral Movement Approach

  • Abusing Services
    • Hijacking Function Apps
    • Hunting for sensitive information
    • Hijacking Cloud Shell
    • App Services, Key Vault, Logic Apps, ACR, K8s etc
  • Abusing Managed Identity
  • Token Exchange
  • Microsoft Intune

Day 2:

Entra ID Misconfiguration

  • Shadow Admin
  • Enterprise Apps/App Registrations
    • Graph Permission
    • Owner/Members
  • Conditional Access Policy
  • Dynamic Groups
  • Guest Users
  • Authentication Methods

Pivoting From Cloud to On-prem

  • Automation Account
  • ARC
  • Hybrid Connection (Relay)
  • Intune
  • Application Proxy

Pivoting from On-prem to Cloud

  • Entra ID Connect
  • SSO
  • Stealing PRT

Maintaining persistence

  • Service Principal
  • Automation Accounts
  • ARC
  • Hybrid Connections

Configuration Assessment

  • CIS Benchmarks
    • Automated Tools
      • Open Source
      • Commercial

Prerequisites:

Basic understanding of cloud technology and penetration testing, along with familiarity in using PowerShell, Python and the Azure CLI.

Lab Requirements:

Students will need to have an Azure tenant with a P2 license and a subscription. All the labs will be deployed in the student's Azure tenant.

Participants should bring a Laptop equipped with a minimum of 8GB RAM and VirtualBox installed. We'll provide a Windows OVA file for installation within VirtualBox during the course.

WHO SHOULD ATTEND?

This course is for anyone interested in cloud security or wanting to learn the offensive side of Azure infrastructure. Whether you're into penetration testing, managing Azure Cloud, or just curious to learn about cloud hacking, this course explains how to find ways to get into a victim's Azure account. It's good for beginners and experts who want to understand more about how to do bad things in Azure, so you can learn how to stop them.

What Attendees Will Get

  • All the course materials, code snippets, custom scripts, etc. will be provided to the students, including the lab manual to solve the individual challenges.
  • 30 days access to the portal to deploy the lab and individual challenges for practice.



Trainer

Chirag Savla
Senior Cloud Security Engineer, White Knight Labs

Chirag Savla is a cyber security professional with 9+ years of experience. His areas of interest include penetration testing, red teaming, Azure and Active Directory security, and post-exploitation research. He prefers to create open-source tools and explore new attack methodologies in his leisure time. He has worked extensively on Azure, Active Directory attacks, defense, and bypassing detection mechanisms. He is the author of multiple open-source tools such as Process Injection, Callidus, etc. He has presented at multiple conferences and local meetups and has trained people at international conferences like Black Hat, BSides Milano, and Wild West Hackin' Fest.

Raunak Parmar
Senior Cloud Security Engineer, White Knight Labs

Raunak Parmar works as a Senior Cloud Security Engineer at White Knight Labs. His areas of interest include web penetration testing, Azure/AWS security, source code review, scripting, and development. He has 3.5+ years of experience in information security. He likes to research new attack methodologies and create open-source tools that can be used during Cloud Red Team activities. He has worked extensively on Azure and AWS. He is the author of Vajra, an offensive cloud security tool. He has spoken at multiple respected security conferences like Black Hat, Defcon, Nullcon, and RootCon, and also at local meetups.