Chapter 3: Finding Azure Services and Vulnerabilities

As a penetration tester, you may be tasked with anonymously attacking an Azure tenant as part of your assessment. From a scope perspective, this can be tricky. Anyone can name an Azure service whatever they want, and it may be hard to find resources that are truly in scope. Regardless of whether you are chasing a bug bounty or shadow IT assets during a penetration test, anonymous Azure service discovery can be a helpful tool in identifying vulnerabilities in an environment.

In this chapter, we will cover attacks for Azure that do not require any authentication to an Azure tenant. Additionally, these will be attacks that you can use to gain initial access to an Azure tenant. We will also touch ...

Get Penetration Testing Azure for Ethical Hackers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Penetration Testing Azure for Ethical Hackers by David Okeyode, Karl Fosaaen

Chapter 3: Finding Azure Services and Vulnerabilities

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly