Azure Cloud Pentesting Training

Traditional penetration testing has focused on physical assets on internal and external networks. As more organizations begin to shift these assets up to cloud environments, penetration testing processes need to be updated to account for the complexities introduced by cloud infrastructure.
About The Course:

Dark Side Ops: Azure Cloud Pentesting focuses on the architecture, permissions models, and services of Microsoft’s Azure cloud. Participants will gain a deep understanding of the attack surface area that’s introduced by Azure, and how to exploit vulnerabilities in Azure tenants. The class will feature a live cloud environment with real-world examples that participants can use to sharpen their skills. This course is useful for devops, IT, and internal security groups who want to gain a better understanding of potential risks associated with Azure deployments, how to exploit them, and more important, how to prevent and/or fix them.

Course Schedule:

The course includes 10 modules that include presentation and lab content. Students will need a laptop that can RDP into an Azure virtual machine. All labs will be conducted from the virtual environment. Student interactivity is encouraged but not required as each student completes the lab individually.

Day 1:

  • Section 0 – Introduction
  • Section 1 – Azure Basics
  • Section 2 – Anonymous Attacks
  • Section 3 – Initial Access
  • Section 4 – Authenticated Collection
  • Section 5 – Privilege Escalation
Day 2:

  • Section 6 – Virtual Machine Command Execution
  • Section 7 – Virtual Machine Post Exploitation
  • Section 8 – Gathering Credentials
  • Section 9 – Automation Accounts
  • Section 10 – Azure Persistence

Dark Side Ops: Azure Cloud Pentesting is ideal for offensive security enthusiasts who are ready to take their skills from on-premise networks up to the cloud. If you’re a penetration tester with a base understanding of internal and external network testing, but you’re looking to round out your Azure skills, this course is for you. This course will also be useful for those looking to gain a better understanding of Azure attacks that may be happening in your tenant.

This course caters to many skill levels, but students will be expected to know the basics of the following concepts:

  • Networking and DNS
  • Active Directory
  • General Access Control Concepts

L33t programming skills are not necessary to enjoy this course, and the labs are designed to provide two packed days regardless of previous experience. The material will focus solely on Azure environments, however some of the tooling and all of the theory could be applied to other cloud providers as well. We truly believe participants will not leave this course disappointed.

Participants Should Have At Least:
  • An intermediate level of systems administration experience using Windows or Linux
  • Familiarity with general networking concepts, DNS, Active Directory, and permissions models
  • Experience with programming and running PowerShell scripts


Participants Benefit From:
  • Participation in previous Dark Side Ops courses
  • Knowledge of modern offensive research and concepts
  • Familiarity with Windows systems administration
  • Experience developing netsec scripts or tools (C++, Python, Powershell, etc.)
  • Experience with penetration testing techniques or frameworks (Metasploit, Cobalt Strike, etc.)


Virtual Course Format:

All registrants have access to the Dark Side Ops training course material for 90 days through our learning management software: moodle. All attendees will receive access to the following materials:

  • Video Lectures: Engaging video presentations bring the classroom to you, whenever you’re ready to learn.
  • Lab manual, slides, and other resources
  • Tons of custom code

Discover how NetSPI ASM solution helps organizations identify, inventory, and reduce risk to both known and unknown assets.