Dark Side Ops: Azure Cloud Pentesting focuses on the architecture, permissions models, and services of Microsoft’s Azure cloud. Participants will gain a deep understanding of the attack surface area that’s introduced by Azure, and how to exploit vulnerabilities in Azure tenants. The class will feature a live cloud environment with real-world examples that participants can use to sharpen their skills. This course is useful for devops, IT, and internal security groups who want to gain a better understanding of potential risks associated with Azure deployments, how to exploit them, and more important, how to prevent and/or fix them.
The course includes 10 modules that include presentation and lab content. Students will need a laptop that can RDP into an Azure virtual machine. All labs will be conducted from the virtual environment. Student interactivity is encouraged but not required as each student completes the lab individually.
Day 1:
|
Day 2:
|
Dark Side Ops: Azure Cloud Pentesting is ideal for offensive security enthusiasts who are ready to take their skills from on-premise networks up to the cloud. If you’re a penetration tester with a base understanding of internal and external network testing, but you’re looking to round out your Azure skills, this course is for you. This course will also be useful for those looking to gain a better understanding of Azure attacks that may be happening in your tenant.
This course caters to many skill levels, but students will be expected to know the basics of the following concepts:
- Networking and DNS
- Active Directory
- General Access Control Concepts
L33t programming skills are not necessary to enjoy this course, and the labs are designed to provide two packed days regardless of previous experience. The material will focus solely on Azure environments, however some of the tooling and all of the theory could be applied to other cloud providers as well. We truly believe participants will not leave this course disappointed.
- An intermediate level of systems administration experience using Windows or Linux
- Familiarity with general networking concepts, DNS, Active Directory, and permissions models
- Experience with programming and running PowerShell scripts
- Participation in previous Dark Side Ops courses
- Knowledge of modern offensive research and concepts
- Familiarity with Windows systems administration
- Experience developing netsec scripts or tools (C++, Python, Powershell, etc.)
- Experience with penetration testing techniques or frameworks (Metasploit, Cobalt Strike, Red Team Toolkit, etc.)
Each training session includes:
- Remote training provided through a virtual classroom
- Lab manual, slides, and resources
- Tons of custom code!
Virtual courses run from 9:00am-5:00pm CT for two days.
Training will be provided online via a virtual classroom environment. Preparatory course details will be provided one week prior to course start date. Webcams are required for course check-in.