Overview

Azure Security is essential for organizations using Microsoft's cloud platform. This comprehensive module covers Azure-specific security vulnerabilities, misconfigurations, and attack vectors. You'll learn to assess Azure environments, identify security gaps, and exploit the common Azure security weaknesses that modern threat actors rely on.

Learning Objectives

๐Ÿ” Azure Active Directory

Azure AD Enumeration

Comprehensive Azure AD reconnaissance and enumeration techniques.

  • Tenant enumeration and discovery
  • User and group enumeration
  • Application registration analysis
  • Service principal enumeration

Conditional Access Bypass

Testing and bypassing Azure AD Conditional Access policies.

  • Conditional access policy analysis
  • Trusted location exploitation
  • Device compliance bypass
  • Risk-based access bypass

Azure AD Connect Security

Testing Azure AD Connect hybrid identity security.

  • Azure AD Connect enumeration
  • Hybrid identity exploitation
  • Password hash synchronization security
  • Pass-through authentication testing

๐Ÿ—๏ธ Azure Resource Manager

Resource Group Enumeration

Discovering and analyzing Azure resource groups and resources.

  • Resource group enumeration
  • Resource access control testing
  • Resource tagging analysis
  • Resource lock bypass techniques

Role-Based Access Control

Testing Azure RBAC configurations for privilege escalation.

  • Custom role analysis
  • Built-in role exploitation
  • Resource-level permissions
  • Subscription-level access

Azure Policy Security

Assessing Azure Policy configurations and bypass techniques.

  • Policy definition analysis
  • Policy assignment exploitation
  • Compliance state manipulation
  • Policy exemption abuse

Azure Key Vault

Key Vault Enumeration

Discovering and enumerating Azure Key Vault instances.

  • Key Vault discovery techniques
  • Access policy analysis
  • Secret enumeration
  • Certificate enumeration

Secret Extraction

Extracting secrets and keys from Azure Key Vault.

  • Access policy exploitation
  • Managed Identity abuse
  • Cross-tenant key access
  • Key version exploitation

Encryption Key Security

Testing encryption key management and security.

  • Key rotation security
  • Hardware Security Module (HSM) testing
  • Key export restrictions
  • Key usage monitoring

Azure Functions Security

Function App Enumeration

Discovering and analyzing Azure Function applications.

  • Function app enumeration
  • Function trigger analysis
  • Application settings exploitation
  • Function code analysis

Managed Identity Abuse

Exploiting Azure Managed Identity configurations.

  • System-assigned identity abuse
  • User-assigned identity exploitation
  • Identity token extraction
  • Cross-service identity abuse

Function Security Testing

Testing Azure Function security configurations.

  • Authentication bypass techniques
  • Authorization testing
  • Input validation security
  • Function timeout exploitation

๐ŸŒ Azure Networking

Virtual Network Security

Testing Azure Virtual Network security configurations.

  • VNet enumeration
  • Subnet security assessment
  • Network Security Group analysis
  • Route table exploitation

Load Balancer Security

Assessing Azure Load Balancer security configurations.

  • Load balancer enumeration
  • Backend pool security
  • Health probe manipulation
  • SSL termination security

Application Gateway Security

Testing Azure Application Gateway security.

  • WAF rule bypass techniques
  • SSL/TLS configuration testing
  • Backend health monitoring
  • Rate limiting bypass

๐Ÿ–ฅ๏ธ Azure Virtual Machines

VM Security Assessment

Testing Azure Virtual Machine security configurations.

  • VM enumeration and discovery
  • VM metadata service exploitation
  • Custom script extension abuse
  • VM extension security testing

Disk Security Testing

Assessing Azure managed disk security.

  • Disk encryption testing
  • Disk snapshot analysis
  • Disk access key security
  • Disk attachment exploitation

VM Backup Security

Testing Azure VM backup and recovery security.

  • Backup vault enumeration
  • Recovery point exploitation
  • Backup policy analysis
  • Cross-region backup access

๐Ÿ—„๏ธ Azure Database Security

SQL Database Security

Testing Azure SQL Database security configurations.

  • SQL database enumeration
  • Firewall rule bypass
  • Authentication testing
  • Database encryption security

Cosmos DB Security

Assessing Azure Cosmos DB security implementations.

  • Cosmos DB account enumeration
  • Access key security testing
  • Resource token exploitation
  • Network access control testing

Storage Account Security

Testing Azure Storage Account security configurations.

  • Storage account enumeration
  • Blob container access testing
  • Shared Access Signature exploitation
  • Storage encryption security

Azure Security Center

Security Monitoring

Testing Azure Security Center monitoring capabilities.

  • Security alert analysis
  • Threat detection bypass
  • Security policy manipulation
  • Compliance assessment exploitation

Defender for Cloud

Assessing Azure Defender security services.

  • Defender agent security
  • Vulnerability scanning bypass
  • Threat protection evasion
  • Security recommendations abuse

Sentinel Security

Testing Azure Sentinel SIEM security.

  • Sentinel workspace enumeration
  • Log analytics security
  • Playbook exploitation
  • Incident response bypass

Hands-on Lab: Azure Security Assessment

Objective: Perform a comprehensive security assessment of an Azure environment.

Duration: 8-10 hours

Skills Practiced: Azure AD testing, ARM exploitation, Key Vault enumeration, Function security

๐Ÿ› ๏ธ Essential Tools

Azure Testing Tools

  • MicroBurst: Azure security assessment toolkit
  • ROADtools: Azure AD reconnaissance
  • Stormspotter: Azure attack path mapping
  • Azurite: Azure emulator for testing

Enumeration Tools

  • Azure CLI: Azure command line interface
  • PowerShell: Azure PowerShell modules
  • Azure REST API: Programmatic Azure access
  • Azure SDK: Azure development libraries

Security Tools

  • Azure Security Center: Built-in security monitoring
  • Azure Sentinel: Cloud-native SIEM
  • Azure Defender: Threat protection services
  • CloudSplaining: Azure policy analysis

Recommended Resources

Certification Alignment

Azure Security Certifications

This module aligns with the following Azure security certifications:

  • Azure Security Engineer Associate
  • Azure Solutions Architect Expert
  • Azure Administrator Associate
  • Microsoft 365 Security Administrator
