Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments
by Matt Burrough

A comprehensive guide to penetration testing cloud services deployed with Microsoft Azure, the popular cloud computing service provider used by companies like Warner Brothers and Apple.

Pentesting Azure Applications is a comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies. You'll start by learning how to approach a cloud-focused penetration test and how to obtain the proper permissions to execute it; then, you'll learn to perform reconnaissance on an Azure subscription, gain access to Azure Storage accounts, and dig into Azure's Infrastructure as a Service (IaaS).

You'll also learn how to:

- Uncover weaknesses in virtual machine settings that enable you to acquire passwords, binaries, code, and settings files
- Use PowerShell commands to find IP addresses, administrative users, and resource details
- Find security issues related to multi-factor authentication and management certificates
- Penetrate networks by enumerating firewall rules
- Investigate specialized services like Azure Key Vault, Azure Web Apps, and Azure Automation
- View logs and security events to find out when you've been caught

Packed with sample pentesting scripts, practical advice for completing security assessments, and tips that explain how companies can configure Azure to foil common attacks, Pentesting Azure Applications is a clear overview of how to effectively perform cloud-focused security tests and provide accurate findings and recommendations.
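
The firewall-rule enumeration the blurb mentions (chapter 6, and "Obtaining Firewall Rules or Network Security Groups" in chapter 3) is done in the book with PowerShell against a live subscription. The following is an added example, not code from the book: a Python script that reviews an already exported Network Security Group offline by reproducing the order in which Azure evaluates inbound rules (custom and default rules together, ascending priority, first match wins). It assumes the ARM resource layout (a `securityRules` list with a `properties` bag, as in an exported template; adjust the accessors for a flat CLI export), ignores source ports, and uses a constructed sample NSG with TEST-NET addresses.

```python
"""Offline review of an exported Azure Network Security Group (NSG).

Added example, not from the book. Service tags other than Internet are treated
as not matching an Internet-sourced packet, which is a simplification: real tag
membership comes from Microsoft's published address ranges.
"""
import ipaddress
import json

# Constructed sample NSG in the ARM layout, trimmed to the fields this script reads.
SAMPLE_NSG_JSON = r'''{
  "name": "web-tier-nsg",
  "properties": {
    "securityRules": [
      {"name": "allow-https", "properties": {"priority": 100, "direction": "Inbound", "access": "Allow",
        "protocol": "Tcp", "sourceAddressPrefix": "Internet", "destinationPortRange": "443"}},
      {"name": "allow-rdp-from-corp", "properties": {"priority": 110, "direction": "Inbound", "access": "Allow",
        "protocol": "Tcp", "sourceAddressPrefix": "203.0.113.0/24", "destinationPortRange": "3389"}},
      {"name": "temp-debug-any", "properties": {"priority": 120, "direction": "Inbound", "access": "Allow",
        "protocol": "*", "sourceAddressPrefix": "*", "destinationPortRanges": ["22", "5985-5986"]}},
      {"name": "deny-sql", "properties": {"priority": 200, "direction": "Inbound", "access": "Deny",
        "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "1433"}}
    ],
    "defaultSecurityRules": [
      {"name": "AllowVnetInBound", "properties": {"priority": 65000, "direction": "Inbound", "access": "Allow",
        "protocol": "*", "sourceAddressPrefix": "VirtualNetwork", "destinationPortRange": "*"}},
      {"name": "AllowAzureLoadBalancerInBound", "properties": {"priority": 65001, "direction": "Inbound",
        "access": "Allow", "protocol": "*", "sourceAddressPrefix": "AzureLoadBalancer", "destinationPortRange": "*"}},
      {"name": "DenyAllInBound", "properties": {"priority": 65500, "direction": "Inbound", "access": "Deny",
        "protocol": "*", "sourceAddressPrefix": "*", "destinationPortRange": "*"}}
    ]
  }
}'''

# Remote-administration ports worth flagging when reachable from the Internet.
MGMT_PORTS = {22: "SSH", 3389: "RDP", 5985: "WinRM", 5986: "WinRM over TLS", 1433: "MSSQL"}

def load_nsg(text):
    return json.loads(text)

def _port_ranges(props):
    """Normalise destinationPortRange / destinationPortRanges to (lo, hi) tuples."""
    ranges = props.get("destinationPortRanges") or [props.get("destinationPortRange", "*")]
    out = []
    for r in ranges:
        if r == "*":
            out.append((0, 65535))
        elif "-" in r:
            lo, hi = r.split("-", 1)
            out.append((int(lo), int(hi)))
        else:
            out.append((int(r), int(r)))
    return out

def _sources(props):
    return props.get("sourceAddressPrefixes") or [props.get("sourceAddressPrefix", "*")]

def source_matches(prefix, src_ip):
    """True if the rule's source prefix covers src_ip (an Internet address)."""
    if prefix in ("*", "Internet"):
        return True
    try:
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        return False  # a service tag such as VirtualNetwork or AzureLoadBalancer

def rule_matches(props, src_ip, port, proto):
    return (props["direction"] == "Inbound"
            and props["protocol"] in ("*", proto)
            and any(lo <= port <= hi for lo, hi in _port_ranges(props))
            and any(source_matches(s, src_ip) for s in _sources(props)))

def evaluate_inbound(nsg, src_ip, port, proto="Tcp"):
    """Return (access, rule_name) for an inbound packet. Custom rules use priorities
    100-4096, so sorting them with the 65000+ defaults gives Azure's evaluation order."""
    props = nsg["properties"]
    rules = props.get("securityRules", []) + props.get("defaultSecurityRules", [])
    for rule in sorted(rules, key=lambda r: r["properties"]["priority"]):
        if rule_matches(rule["properties"], src_ip, port, proto):
            return rule["properties"]["access"], rule["name"]
    return "Deny", "(no matching rule)"

def exposed_management_ports(nsg, probe_ip="198.51.100.7"):
    """Effective Internet exposure of management ports. Because this walks the real
    evaluation order, an Allow shadowed by a lower-numbered Deny is not reported."""
    return [(port, svc, rule) for port, svc in MGMT_PORTS.items()
            for access, rule in [evaluate_inbound(nsg, probe_ip, port, "Tcp")]
            if access == "Allow"]

if __name__ == "__main__":
    nsg = load_nsg(SAMPLE_NSG_JSON)
    for port, svc, rule in exposed_management_ports(nsg):
        print(f"[HIGH] {svc} ({port}/tcp) reachable from the Internet via rule '{rule}'")
    print(evaluate_inbound(nsg, "203.0.113.9", 3389))  # corporate range, allowed by allow-rdp-from-corp
```

On the sample, the script reports SSH and WinRM as Internet-reachable through the catch-all `temp-debug-any` rule, while RDP is correctly limited to the corporate range and MSSQL is blocked by an explicit Deny. The fix on the defending side is the one the book's best-practice sections argue for: scope `sourceAddressPrefix` to known ranges instead of `*`, and delete "temporary" debug rules rather than leaving them ahead of the deny rules in priority order.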

Paperback, $39.99

Product Details

ISBN-13: 9781593278632
Publisher: No Starch Press
Publication date: 07/23/2018
Pages: 216
Product dimensions: 6.90(w) x 9.10(h) x 0.80(d)

About the Author

Matt Burrough is a senior penetration tester on a corporate red team, where he assesses the security of cloud computing services and internal systems. He holds a bachelor's degree in networking, security, and system administration from Rochester Institute of Technology and a master's degree in computer science from the University of Illinois at Urbana-Champaign.

Table of Contents

Foreword by Thomas W. Shinder, MD
Acknowledgments
Introduction
  About Penetration Testing
  What This Book Is About
  How This Book Is Organized
  What You'll Need to Run the Tools

Chapter 1: Preparation
  A Hybrid Approach
    Teams Don't Always Have Cloud Experience
    Clouds Are Reasonably Secure by Default
    It's All Connected
  Getting Permission
    Scope the Assessment
    Notify Microsoft
    Obtain a "Get Out of Jail Free" Card
    Be Aware of and Respect Local Laws
  Summary

Chapter 2: Access Methods
  Azure Deployment Models
    Azure Service Management
    Azure Resource Manager
  Obtaining Credentials
  Mimikatz
    Using Mimikatz
    Capturing Credentials
    Factors Affecting Success
  Best Practices: Usernames and Passwords
  Usernames and Passwords
    Searching Unencrypted Documents
    Phishing
    Looking for Saved ARM Profile Tokens
    Guessing Passwords
  Best Practices: Management Certificates
  Finding Management Certificates
    Publish Settings Files
    Reused Certificates
    Configuration Files
    Cloud Service Packages
  Best Practices: Protecting Privileged Accounts
  Encountering Two-Factor Authentication
    Using Certificate Authentication
    Using a Service Principal or a Service Account
    Accessing Cookies
    Proxying Traffic through the User's Browser
    Utilizing Smartcards
    Stealing a Phone or Phone Number
    Prompting the User for 2FA
  Summary

Chapter 3: Reconnaissance
  Installing PowerShell and the Azure PowerShell Module
    On Windows
    On Linux or macOS
  Running Your Tools
  Service Models
  Best Practices: PowerShell Security
  Authenticating with the PowerShell Module and CLI
  Authenticating with Management Certificates
    Installing the Certificate
    Authenticating
  Connecting and Validating Access
  Best Practices: Service Principals
  Authenticating with Service Principals
    Using Service Principals with Passwords
    Authenticating with X.509 Certificates
  Best Practices: Subscription Security
  Gathering Subscription Information
  Viewing Resource Groups
  Viewing a Subscription's App Services (Web Apps)
  Gathering Information on Virtual Machines
  Finding Storage Accounts and Storage Account Keys
  Gathering Information on Networking
    Network Interfaces
    Obtaining Firewall Rules or Network Security Groups
  Viewing Azure SQL Databases and Servers
  Consolidated PowerShell Scripts
    ASM Script
    ARM Script
  Summary

Chapter 4: Examining Storage
  Best Practices: Storage Security
  Accessing Storage Accounts
    Storage Account Keys
    User Credentials
    SAS Tokens
  Where to Find Storage Credentials
    Finding Keys in Source Code
    Obtaining Keys from a Developer's Storage Utilities
  Accessing Storage Types
    Identifying the Storage Mechanisms in Use
    Accessing Blobs
    Accessing Tables
    Accessing Queues
    Accessing Files
  Summary

Chapter 5: Targeting Virtual Machines
  Best Practices: VM Security
  Virtual Hard Disk Theft and Analysis
    Downloading a VHD Snapshot
    Retrieving a VHD's Secrets
  Exploring the VHD with Autopsy
    Importing the VHD
    Analyzing Windows VHDs
    Analyzing Linux VHDs
  Cracking Password Hashes
    Dictionary Attacks
    Brute-Force Attacks
    Hybrid Attacks
    Rainbow Table Attacks
    Weaknesses in Windows Password Hashes
    Password Hash Attack Tools
    Attacking Hashes with Cain & Abel
    Testing Hashes with hashcat
  Using a VHD's Secrets against a VM
    Determining the Hostname
    Finding a Remote Administration Service
  Resetting a Virtual Machine's Credentials
    How to Reset a VM's Credentials
    Downsides to Password Resets
  Summary

Chapter 6: Investigating Networks
  Best Practices: Network Security
  Avoiding Firewalls
    Virtual Machine Firewalls
    Azure SQL Firewalls
    Azure Web Application Firewalls
  Cloud-to-Corporate Network Bridging
    Virtual Private Networks
    ExpressRoute
    Service Bus
    Logic Apps
  Summary

Chapter 7: Other Azure Services
  Best Practices: Key Vault
  Examining Azure Key Vault
    Displaying Secrets
    Displaying Keys
    Displaying Certificates
    Accessing Key Vault from Other Azure Services
  Targeting Web Apps
    Deployment Methods
    Obtaining Deployment Credentials
    Creating and Searching for Artifacts on Web App Servers
  Best Practices: Automation
  Leveraging Azure Automation
    Obtaining Automation Assets
    Hybrid Workers
  Summary

Chapter 8: Monitoring, Logs, and Alerts
  Azure Security Center
    Utilizing Security Center's Detection Capabilities
    Utilizing Security Center's Prevention Capabilities
  Operations Management Suite
    Setting Up OMS
    Reviewing Alerts in OMS
  Secure DevOps Kit
  Custom Log Handling
  Summary

Glossary
Index
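
Chapters 3 and 4 of the table of contents cover finding storage account keys and SAS tokens (in source code, in a developer's storage utilities) and then using them against Blob, Table, Queue and File storage. The following is an added example, not code from the book: a Python triage script that scans text for the two credential shapes a tester typically finds, an account connection string carrying `AccountKey=` and a shared access signature URL carrying `sig=`, and rates each SAS by scope, permissions, expiry and IP restriction so the report can say how much a leaked token actually exposes. The sample configuration, the obviously fake 88-character key, the placeholder signatures and the fixed reference date are all constructed for the example.

```python
"""Offline triage of Azure Storage credentials found in source or config files.

Added example, not from the book. Account keys give full control of every
service in the account and never expire; SAS tokens are scoped, so the
interesting part is reading that scope out of the query string.
"""
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Constructed sample: a fake key with the shape of a real storage account key
# (88 base64 characters ending in ==), plus two SAS URLs with placeholder signatures.
FAKE_KEY = "FAKEKEY0" * 10 + "FAKEKE" + "=="
SAMPLE_CONFIG = f"""
"StorageConnection": "DefaultEndpointsProtocol=https;AccountName=contosoprodfiles;AccountKey={FAKE_KEY};EndpointSuffix=core.windows.net"
BACKUP_URL=https://contosoprodfiles.blob.core.windows.net/backups?sv=2022-11-02&ss=bfqt&srt=sco&sp=rwdlacupiytfx&se=2031-01-01T00:00:00Z&spr=https&sig=PLACEHOLDER
LOG_URL=https://contosologs.blob.core.windows.net/logs/app.log?sv=2022-11-02&sr=b&sp=r&se=2025-03-01T00:00:00Z&sip=203.0.113.0-203.0.113.255&spr=https&sig=PLACEHOLDER
"""
# Fixed reference time so the expiry arithmetic is reproducible (assumption for the example).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

CONN_RE = re.compile(r"AccountName=(?P<account>[a-z0-9]{3,24});AccountKey=(?P<key>[A-Za-z0-9+/]{86}==)")
SAS_URL_RE = re.compile(
    r"https://[a-z0-9]{3,24}\.(?:blob|file|queue|table|dfs)\.core\.windows\.net/\S*?\?[^\s\"']*sig=[^\s\"'&]+")
WRITE_PERMS = set("wdacxyu")  # anything beyond read/list lets the holder change or destroy data

def find_account_keys(text):
    """Report (account name, masked key prefix) for every connection string found."""
    return [(m.group("account"), m.group("key")[:4] + "...") for m in CONN_RE.finditer(text)]

def find_sas_urls(text):
    return SAS_URL_RE.findall(text)

def _parse_expiry(value):
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return dt if dt.tzinfo else dt.replace(tzinfo=timezone.utc)

def assess_sas(url, now=NOW):
    """Summarise a SAS token's blast radius. Account SAS tokens carry ss/srt;
    service SAS tokens carry sr. Returns parsed fields plus a list of findings."""
    q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    perms = set(q.get("sp", ""))
    kind = "account" if "ss" in q or "srt" in q else "service"
    expiry = _parse_expiry(q["se"]) if "se" in q else None
    days_left = (expiry - now).days if expiry else None
    findings = []
    if perms & WRITE_PERMS:
        findings.append("grants write/delete permissions")
    if kind == "account" and "s" in q.get("srt", ""):
        findings.append("account-level scope (srt includes service level)")
    if days_left is None:
        findings.append("no expiry (se) in token; check the stored access policy")
    elif days_left < 0:
        findings.append("expired")
    elif days_left > 365:
        findings.append("expires more than a year out")
    if "sip" not in q:
        findings.append("no source IP restriction (sip)")
    if q.get("spr", "https,http") != "https":
        findings.append("HTTP allowed (spr)")
    return {"host": urlsplit(url).hostname, "kind": kind, "permissions": "".join(sorted(perms)),
            "days_left": days_left, "findings": findings}

def review(text, now=NOW):
    return {"account_keys": find_account_keys(text),
            "sas": [assess_sas(u, now) for u in find_sas_urls(text)]}

if __name__ == "__main__":
    result = review(SAMPLE_CONFIG)
    for account, masked in result["account_keys"]:
        print(f"[CRITICAL] account key for {account} ({masked}): full control, no expiry")
    for s in result["sas"]:
        level = "HIGH" if s["findings"] else "INFO"
        print(f"[{level}] {s['kind']} SAS on {s['host']} perms={s['permissions']} "
              f"days_left={s['days_left']}: {s['findings'] or 'scoped acceptably'}")
```

On the sample, the connection string is the critical finding (an account key is equivalent to the storage account's root password), the backup URL is an account SAS with every permission, service-level scope, a multi-year expiry and no IP restriction, and the log URL is a read-only, IP-restricted service SAS that expires within the year. The usual remediation for the first two is to rotate the key (`New-AzStorageAccountKey` in the Az module) and reissue short-lived, read-only service SAS tokens tied to a stored access policy so they can be revoked.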
