David Okeyode - Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments

David Okeyode

Karl Fosaaen

BIRMINGHAMMUMBAI

Copyright 2021 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Group Product Manager: Wilson Dsouza

Publishing Product Manager: Vijin Boricha

Senior Editor: Athikho Sapuni Rishana

Content Development Editor: Sayali Pingale

Technical Editor: Nithik Cheruvakodan

Copy Editor: Safis Editing

Project Coordinator: Neil D'mello

Proofreader: Safis Editing

Indexer: Pratik Shirodkar

Production Designer: Shankar Kalbhor

First published: September 2021

Production reference: 1230921

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

978-1-83921-293-2

www.packt.com

To Carrie Thanks for encouraging me when I make ambitious plans. I promise to do the same for you.

Karl Fosaaen

A small office in downtown Minneapolis is where Karl and I were sitting in front of a whiteboard in 2017. I was new to NetSPI, and Karl was kind enough to help me acclimatize and brainstorm on new growth ideas and initiatives. As we concluded our meeting, only one word was written on the board, and that word was cloud. And Karl took it from there, taking all of his knowledge that he has accumulated in security testing and applying it to cloud platforms. Since then, Karl has been widely recognized as a leader in cloud security, and has built many teams, many tools, and published many blogs on the topic. In teaming up with David, who is a brilliant cloud architect, tester, and trainer, together they bring over two decades of industry-leading experience and insights on cloud security to this book. The concept of cloud computing is not new, and some organizations today were born in the cloud, with little to no IT footprint on-premises. But for brick-and-mortar large-scale enterprises, who are saddled with mountains of technical debt with legacy applications, cloud adoption has a naturally slower timetable. The pace of migrating to the cloud is picking up as these large organizations have hit their tipping point for cloud migration. The investment in, and priority of, cloud migration lies at board level, with many mandates for timely migration at enterprise scale. And, amidst the urgency and rush to migration is where mistakes happen, where things get missed, and holes are left open. Also, many companies are bringing the legacy vulnerabilities in those legacy apps to the cloud, which can have a higher impact in a cloud environment. In this book, David and Karl have created a pragmatic and step-by-step guide for the cloud security practitioner that includes detailed instructions for setting up and testing an Azure cloud environment, along with the necessary supporting tools. David and Karl not only describe how to attack a cloud environment, but they also take the time to detail why certain things are important. The practical nature of this book should make it a primer for any cloud security penetration tester as well as cloud architects. The authors of this book take us on a technical journey, from setting up an Azure environment, finding misconfiguration vulnerabilities, compromising Azure AD accounts, and escalating privileges, to attacking VMs in Azure, getting credentials, and persistence options. If the principles and lessons of this book are applied properly using the tools suggested, I think you will be amazed at what you find.

Charles Horton

COO, NetSPI

DavidOkeyode is a cloud security architect at the Prisma cloud speedboat at Palo Alto Networks. Before that, he was an independent consultant helping companies to secure their cloud environments through private expert-level training and assessments. He holds 15 professional certifications across Azure and AWS platforms.

David has over a decade of experience in cybersecurity (consultancy, design, and implementation). He has worked with organizations from start-ups to major enterprises and he regularly speaks on cloud security at major industry events such as Microsoft Future Decoded and the European Information Security Summit.

David is married to a lovely girl who makes the best banana cake in the world and they love traveling the world together!

KarlFosaaen is a practice director at NetSPI. He currently leads the Cloud Penetration Testing service line at NetSPI and oversees their Portland, OR office. Karl holds a BS in computer science from the University of Minnesota and has over a decade of consulting experience in the computer security industry. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure.

Jake Karnes has a BS in computer science from San Jose State University and holds the GIAC Certified Incident Handler and Certified Ethical Hacker certifications. With a background in software consulting, he is currently a managing consultant at NetSPI. Jake specializes in web application and cloud penetration testing and also contributes to the development of applications and tools for the penetration testing team. He loves working in an ever-evolving field and sharing his knowledge and experience with others.

I'd like to thank my wife, Halle, for empowering me to be the best version of myself. Her compassion and fortitude are an unending source of inspiration. She is my source of light and warmth through cloudy Portland days.

I'd also like to thank my parents and brother for their patience and support while I spent endless hours in front of a computer.

Lastly, I'd like to thank my uncle Pat for mentoring me in life and consulting.

Thomas Elling is a principal security consultant and security researcher at NetSPI. He specializes in web application and cloud security testing and has advised multiple Fortune 500 companies in the technology sector. In his spare time, Thomas enjoys improving his coding skills, watching bad action movies, and hanging out with his dog, Chunks.