A comprehensive guide to penetration testing cloud services deployed with Microsoft Azure, the popular cloud computing service provider used by companies like Warner Brothers and Apple.You'll learn how to:-Gain access by circumventing two-factor authentication and stealing management certificates from developer machines-Make sense of Azure's services by using PowerShell commands to find IP addresses, administrative users, and firewall rules-Exploit Azure's storage model and recover storage keys-Attack virtual machines and acquire passwords, binaries, code, and settings files-Compromise networks by modifying firewall rules-Attack specialized services like Azure Key Vault and Azure Websites-Know when you might be caught by viewing logs and security eventsPacked with real-world examples from the author's experience as a corporate penetration tester, sample scripts from attacks, and "Defenders Tips" that explain how companies can reduce risk, Attacking Microsoft Azure provides a clear overview of Azure's vulnerabilities and how to take advantage of them.
