Azure
Decrypting VM Extension Settings with Azure WireServer
The Azure WireServer service provides configuration data to Azure Virtual Machines. Join us as we walkthrough the process of decrypting that data to find sensitive information.
We Know What You Did (in Azure) Last Summer
At DEF CON 33, NetSPI presented a talk about how Azure resources supporting Entra ID authentication expose tenant IDs, enabling attackers to attribute cloud resources to specific organizations at scale.
Automating Azure App Services Token Decryption
Discover how to decrypt Azure App Services authentication tokens automatically using MicroBurst’s tooling to extract encrypted tokens for security testing.
Extracting Sensitive Information from Azure Load Testing
Learn how Azure Load Testing's JMeter JMX and Locust support enables code execution, metadata queries, reverse shells, and Key Vault secret extraction vulnerabilities.
Validating Azure Cloud Security with Breach and Attack Simulation as a Service
NetSPI’s Breach and Attack Simulation as a Service offers focused simulation tests for Azure users to validate your cloud security capabilities.
What the Function: Decrypting Azure Function App Keys
When deploying an Azure Function App, access to supporting Storage Accounts can lead to disclosure of source code, command execution in the app, and decryption of the app’s Access Keys.
Escalating Privileges with Azure Function Apps
Explore how undocumented APIs used by the Azure Function Apps Portal menu allowed for directory traversal on Function App containers.
Pivoting with Azure Automation Account Connections
Discover a helpful function for enumerating potential pivot points from an existing Azure Automation Account with Contributor level access.
How to Gather Azure App Configurations
Learn how to gather access keys for App Configuration resources and how to use those keys to access the configuration key-value pairs.
Abusing Azure Hybrid Workers for Privilege Escalation – Part 1
Configure Windows VMs in Azure for Hybrid Workers with "Run as" certificates. Check out this post for step-by-step guidance and tips.
How To Extract Credentials from Azure Kubernetes Service (AKS)
In this penetration testing blog, we explain how to extract credentials from the Azure Kubernetes Service (AKS) using the Contributor role permissions on an AKS cluster.
Azure SAS Tokens for Web Application Penetration Testers
Learn how to abuse common misconfigurations of Azure SAS tokens using these web application penetration testing techniques.