Intro; Brief Contents; Contents in Detail; Foreword; Acknowledgments; Introduction; About Penetration Testing; What This Book Is About; How This Book Is Organized; What You'll Need to Run the Tools; Chapter 1: Preparation; A Hybrid Approach; Teams Don't Always Have Cloud Experience; Clouds Are Reasonably Secure by Default; It's All Connected; Getting Permission; Scope the Assessment; Notify Microsoft; Obtain a "Get Out of Jail Free" Card; Be Aware of and Respect Local Laws; Summary; Chapter 2: Access Methods; Azure Deployment Models; Azure Service Management; Azure Resource Manager
Obtaining CredentialsMimikatz; Using Mimikatz; Capturing Credentials; Factors Affecting Success; Best Practices: Usernames and Passwords; Usernames and Passwords; Searching Unencrypted Documents; Phishing; Looking for Saved ARM Profile Tokens; Guessing Passwords; Best Practices: Management Certificates; Finding Management Certificates; Publish Settings Files; Reused Certificates; Configuration Files; Cloud Service Packages; Best Practices: Protecting Privileged Accounts; Encountering Two-Factor Authentication; Using Certificate Authentication; Using a Service Principal or a Service Account
Accessing CookiesProxying Traffic Through the User's Browser; Utilizing Smartcards; Stealing a Phone or Phone Number; Prompting the User for 2FA; Summary; Chapter 3: Reconnaissance; Installing PowerShell and the Azure PowerShell Module; On Windows; On Linux or macOS; Running Your Tools; Service Models; Best Practices: PowerShell Security; Authenticating with the PowerShell Module and CLI; Authenticating with Management Certificates; Installing the Certificate; Authenticating; Connecting and Validating Access; Best Practices: Service Principals; Authenticating with Service Principals
Using Service Principals with PasswordsAuthenticating with X.509 Certificates; Best Practices: Subscription Security; Gathering Subscription Information; Viewing Resource Groups; Viewing a Subscription's App Services (Web Apps); Gathering Information on Virtual Machines; Finding Storage Accounts and Storage Account Keys; Gathering Information on Networking; Network Interfaces; Obtaining Firewall Rules or Network Security Groups; Viewing Azure SQL Databases and Servers; Consolidated PowerShell Scripts; ASM Script; ARM Script; Summary; Chapter 4: Examining Storage
Best Practices: Storage SecurityAccessing Storage Accounts; Storage Account Keys; User Credentials; SAS Tokens; Where to Find Storage Credentials; Finding Keys in Source Code; Obtaining Keys from a Developer's Storage Utilities; Accessing Storage Types; Identifying the Storage Mechanisms in Use; Accessing Blobs; Accessing Tables; Accessing Queues; Accessing Files; Summary; Chapter 5: Targeting Virtual Machines; Best Practices: VM Security; Virtual Hard Disk Theft and Analysis; Downloading a VHD Snapshot; Retrieving a VHD's Secrets; Exploring the VHD with Autopsy; Importing the VHD