From 7e2ea21589858f0567f72c1aa4905b7bdce599d9 Mon Sep 17 00:00:00 2001 From: Kumar Ashwin <77858203+0xCardinal@users.noreply.github.com> Date: Fri, 17 Sep 2021 03:48:10 +0500 Subject: [PATCH 1/2] Add More Resources in Azure Adds tools, resources and book --- pages/mydoc/azure_cloud.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pages/mydoc/azure_cloud.md b/pages/mydoc/azure_cloud.md index efdc2b4..1491df8 100644 --- a/pages/mydoc/azure_cloud.md +++ b/pages/mydoc/azure_cloud.md @@ -52,10 +52,16 @@ folder: mydoc * Post Exploitation * [Azure Post Exploitation Techniques](https://azure.microsoft.com/en-in/blog/azure-post-exploitation-techniques/) * [Identifying & Exploiting Leaked Azure Storage Keys](https://www.notsosecure.com/identifying-exploiting-leaked-azure-storage-keys/) +* [NETSPI's Cloud Pentesting Blogs](https://www.netspi.com/blog/technical/cloud-penetration-testing/) +* [Getting Started in Pentesting the Azure Cloud](https://www.blackhillsinfosec.com/webcast-getting-started-in-pentesting-the-cloud-azure/) +* [Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials](https://www.varonis.com/blog/azure-skeleton-key/) +* [Azure AD Seamless SSO allows enumerating tenant users](https://o365blog.com/post/desktopsso/) +* Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD) - Sean Metcalf and Mark Morowczynski -> [Video](https://youtu.be/SG2ibjuzRJM) & [Slides](https://www.blackhat.com/us-19/briefings/schedule/#attacking-and-defending-the-microsoft-cloud-office---azure-ad-14553) ## Books * [Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments](https://www.amazon.in/Pentesting-Azure-Applications-Definitive-Deployments-ebook/dp/B072SS34CP/ref=tmm_kin_swatch_0?_encoding=UTF8&qid=1536010588&sr=8-1) +* [Penetration Testing Azure for Ethical Hackers](https://www.packtpub.com/product/penetration-testing-azure-for-ethical-hackers/9781839212932) ## Tools @@ -64,7 +70,10 @@ folder: mydoc * [azucar](https://github.com/nccgroup/azucar): Security auditing tool for Azure environments * [cs-suite](https://github.com/SecurityFTW/cs-suite): One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure. * [onedrive_user_enum](https://github.com/nyxgeek/onedrive_user_enum): enumerate valid onedrive users +* [MicroBurst](https://github.com/NetSPI/MicroBurst): MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use. +* [ROADtools](https://github.com/dirkjanm/ROADtools): ROADtools is a framework to interact with Azure AD. It currently consists of a library (roadlib) and the ROADrecon Azure AD exploration tool. +* [AzureADRecon](https://github.com/adrecon/AzureADRecon): AzureADRecon is a tool which extracts and combines various artefacts like Tenant, Users, Licenses, ServicePrincipals, etc. out of an Azure AD environment with a valid credential. -Defensive +### Defensive - [Azure Policy Compliance Scan](https://github.com/Azure/policy-compliance-scan): With the Azure Policy Compliance Scan action, you can now easily trigger a on demand scan from your GitHub workflow on one or multiple resources, resource groups or subscriptions, and continue/fail the workflow based on the compliance state of resources. From 83ff43e985756ce4e063228dc588411ee640fec5 Mon Sep 17 00:00:00 2001 From: Kumar Ashwin <77858203+0xCardinal@users.noreply.github.com> Date: Fri, 17 Sep 2021 03:57:09 +0500 Subject: [PATCH 2/2] Add video in Azure Doc :sparkles: --- pages/mydoc/azure_cloud.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pages/mydoc/azure_cloud.md b/pages/mydoc/azure_cloud.md index 1491df8..298237c 100644 --- a/pages/mydoc/azure_cloud.md +++ b/pages/mydoc/azure_cloud.md @@ -57,6 +57,12 @@ folder: mydoc * [Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials](https://www.varonis.com/blog/azure-skeleton-key/) * [Azure AD Seamless SSO allows enumerating tenant users](https://o365blog.com/post/desktopsso/) * Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD) - Sean Metcalf and Mark Morowczynski -> [Video](https://youtu.be/SG2ibjuzRJM) & [Slides](https://www.blackhat.com/us-19/briefings/schedule/#attacking-and-defending-the-microsoft-cloud-office---azure-ad-14553) +* [An Introduction to Azure Offensive Security with David Okeyode](https://youtu.be/7U102o53NaA) +* [DYI Azure Security Assesment - DEF CON 27 Cloud Village](https://youtu.be/tJc_CNQMh5k) +* [Azure Security Meetup Adventures in Azure Privilege Escalation By Karl Fosaaen](https://youtu.be/_BWD7767DvM) +* [Adventures in Azure Privilege Escalation Karl Fosaaen](https://youtu.be/EYtw-XPml0w) +* [Karl Fosaaen - Attacking Azure Environments with PowerShell - BSides Portland 2018](https://youtu.be/AWhag2K3AS8) +* [Attacking Azure Environments with PowerShell Karl Fosaaen](https://youtu.be/IdORwgxDpkw) ## Books