Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

iebukes PACKT 51 次浏览 没有评论
Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments Front Cover

Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

by Charles Horton, David Okeyode, Karl Fosaaen
  • Length: 352 pages
  • Edition: 1
  • Publisher: Packt Publishing
  • Publication Date: 2021-11-25
  • ISBN-10: 1839212934
  • ISBN-13: 9781839212932
  • Sales Rank: #55169 (See Top 100 Books)
Description

Simulate real-world attacks using tactics, techniques, and procedures that adversaries use during cloud breaches

Key Features

  • Understand the different Azure attack techniques and methodologies used by hackers
  • Find out how you can ensure end-to-end cybersecurity in the Azure ecosystem
  • Discover various tools and techniques to perform successful penetration tests on your Azure infrastructure

Book Description

Security professionals working with Azure will be able to put their knowledge to work with this practical guide to penetration testing. The book provides a hands-on approach to exploring Azure penetration testing methodologies that will help you get up and running in no time with the help of a variety of real-world examples, scripts, and ready-to-use source code.

As you learn about the Microsoft Azure platform and understand how hackers can attack resources hosted in the Azure cloud, you’ll find out how to protect your environment by identifying vulnerabilities, along with extending your pentesting tools and capabilities. This book starts by taking you through the prerequisites for pentesting Azure and shows you how to set up a pentesting lab. You’ll then simulate attacks on Azure assets such as web applications and virtual machines from anonymous and authenticated perspectives. Finally, you’ll learn about the opportunities for privilege escalation in Azure tenants and ways in which an attacker can create persistent access to an environment.

By the end of this book, you’ll be able to leverage your ethical hacking skills to identify and implement different tools and techniques to perform successful penetration tests on your own Azure infrastructure.

What you will learn

  • Identify how administrators misconfigure Azure services, leaving them open to exploitation
  • Understand how to detect cloud infrastructure, service, and application misconfigurations
  • Explore processes and techniques for exploiting common Azure security issues
  • Use on-premises networks to pivot and escalate access within Azure
  • Diagnose gaps and weaknesses in Azure security implementations
  • Understand how attackers can escalate privileges in Azure AD

Who this book is for

This book is for new and experienced infosec enthusiasts who want to learn how to simulate real-world Azure attacks using tactics, techniques, and procedures (TTPs) that adversaries use in cloud breaches. Any technology professional working with the Azure platform (including Azure administrators, developers, and DevOps engineers) interested in learning how attackers exploit vulnerabilities in Azure hosted infrastructure, applications, and services will find this book useful.

Table of Contents

  1. Azure Platform and Architecture Overview
  2. Building Your Own Environment
  3. Finding Azure Services and Vulnerabilities
  4. Exploiting Reader Permissions
  5. Exploiting Contributor Permissions on IaaS Services
  6. Exploiting Contributor Permissions on PaaS Services
  7. Exploiting Owner and Privileged Azure AD Role Permissions
  8. Persisting in Azure Environments

Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

 
 扫描二维码,关注微信公众号,发送“FWMM”获取下载访问密码,关注我,永不迷路  
                微信公众号二维码