Menu

CYBER SECURITY CERTIFICATION

Linkedin-in X-twitter

Offensive Azure
Operations and Tactics
Training Course

Training Course

Register Now for our next Course - 8/29 & 8/30

Registration is open for our next class. 
August 29 – 30, 2024

Offensive Azure

(Virtual over Zoom)

Course Length: 16 Hours (2 Days)
Format: Virtual
Tuition: $700 per person (USD)
Includes: 30 day access to labs, certificate of participation, and class recordings that never expire.
Lab Requirement: Students will need to have an Azure Tenant with P2 License and Subscription. All the Labs will be deployed in the Student’s Azure Tenant.
Participants MUST bring a Laptop equipped with a minimum of 8GB RAM and VirtualBox installed. We’ll provide a Windows OVA file for installation within VirtualBox during the course
Students will be provided with:
All the course materials, code snippets, custom scripts, etc; will be provided to the students including the lab manual to solve the individual challenges.
30 days access to the portal to deploy the lab and individual challenges for practice.
Requirements: Basic understanding of cloud technology and penetration testing, along with familiarity in using PowerShell, Python and the Azure CLI.

Course Description:

This comprehensive Offensive Azure Operation & Tactics course provides a deep dive into Azure’s infrastructure and security landscape. This hands-on course equips participants withpractical insights and skills crucial for identifying and exploiting Azure components.

Course Syllabus

Day 1

Module 1: Introduction to Azure/Entra ID

  • Entra ID Components
  • Azure Services
  • Azure Intune
  • Office/Microsoft 365
  • Authentication & Authorization Methods
  • Maze of Azure Tokens

Module 2: Azure Access Controls

  • Role Base Access Control
  • Attribute Base Access Control
  • Management Plane & Data Plane
  • Key Vault Access Policy

– Enumeration Approach

  • Unauthenticated & Authenticated Enumeration
  • Automated Enumeration
  • Manual Approach with Custom Scripts
  • Glimpse of Security Controls

Module 3: Gaining Initial Foothold

  • Phishing Techniques
  • Exposed Services
    • Storage Accounts
    • Function Apps
    • App Service
    • Logic Apps
    • K8s
  • Exposed Credentials
  • Password Spray Attacks

Module 4: Post Exploitation & Lateral Movement Approach

  • Abusing Services
    • Hijacking Function Apps
    • Hunting for sensitive information
    • Hijacking Cloud Shell
    • App Services, Key Vault, Logic Apps, ACR, K8s etc
  • Abusing Managed Identity
  • Token Exchange
  • Microsoft Intune

Day 2

Module 5: Entra ID Misconfiguration

  • Shadow Admin
  • Enterprise Apps/App Registrations
    • Graph Permission
    • Owner/Members
  • Conditional Access Policy
  • Dynamic Groups
  • Guest Users
  • Authentication Methods

Module 6: Pivoting From Cloud to On-prem

  • Automation Account
  • ARC
  • Hybrid Connection (Relay)
  • Intune
  • Application Proxy

Pivoting from On-prem to Cloud

  • Entra ID Connect
  • SSO
  • Stealing PRT

Module 7: Maintaining Persistence

  • Service principal
  • Automation Accounts
  • ARC
  • Hybrid Connections

Module 8: Configuration Assessment

  • CIS Benchmarks
    • Automated Tools
      • Open Source
      • Commercial

Final Lab Discussion

What You’ll Learn:

Participants will explore various modules covering essential components such as Azure infrastructure understanding, enumerationtechniques, initial access strategies including phishing methods, abusing reader roles, misconfigurations, and exploiting Azure services.

The course extends into post-exploitation techniques, pivoting between cloud and on-premises environments, compromising Azure Kubernetes Service (AKS), devices using Microsoft Intune, Entra ID Connect features, leveraging Azure services for persistence, conducting Azure configuration assessments, and utilizing automation tools for security checks.

Who Should Enroll:

This course is for anyone interested in cloud security or wanting to learn the offensive side of Azure Infrastructure.

Whether you’re into penetration testing, managing Azure Cloud, or just curious to learn about cloud hacking, this course explains how to find ways to get in victims Azure account.

It’s good for beginners and experts who want to understand more about how to do bad things in Azure, so you can learn how to stop them.

Course Takeaways:

Acquire practical skills in attacking Azure Cloud through hands-on experience.

Learning several ways to gain initial access and abusing Azure Services

Understanding the hybrid infrastructure and abusing the relationship between Cloud and On-prem

RELEVANT

This Course is Hyper-Current

Changes are always made at the last minute to ensure that students receive the most up-to-date and relevant content possible. As a result, the syllabus is subject to change, and course content may be modified based on student skill level, course progression, and other factors.

Not Just Concepts

We get you into the trenches, putting you into real world scenerios that may frustrate you as we challenge your skills and knowledge.

Hands On Lab Environemnt

Eight virtual machines using Ubuntu, Windows 10, Kali, and Windows Server 2019

Not for Beginners

Students should have experience in cybersecurity fundamentals and an understanding of penetration testing and execution of red team operations

To the Limits

This course is designed to challenge you and you must be willing to face the difficulties we present and not give up

Show Overview

OFFENSIVE AZURE OPERATIONS AND TACTICS

Basic Overview

Students will essential components such as Azure infrastructure understanding, enumeration techniques, initial access strategies including phishing methods, abusing reader roles, misconfigurations, and exploiting Azure services.

Take Your Skills to the Next Level

Challenge Yourself

Discover new heights and overcome personal barriers with WhiteKnightLabs’ groundbreaking training program, created to foster growth and unleash your capabilities.

Learn

Enhance your skillset and deepen your understanding through our expert-developed courses, focused on delivering the most pertinent and up-to-the-minute information in your field.

Achieve

Aim for the stars and experience the thrill of success with WhiteKnightLabs’ extensive training program, enabling you to tackle challenges head-on and excel in your chosen profession.

Register Now
for the Next Session

You will receive additional details by email once you complete the registration

Click the link
to secure your seat right now!

Register for 8/29 - 8/30

August 29th and 30th, 2024
Class Times will be
8:30AM EST – 5:00PM EST

Need additional information?

    What is 6 + 1 ?

    Contact us with Questions

    If you have questions let us know.  If you’re unable to use the form. please give us a call at 877-864-4204

    White Knight Labs for Exceptional
    Cyber Security Training Courses

    At White Knight Labs, we firmly believe that every individual’s unique strengths and interests in cybersecurity deserve to be nurtured.

    That’s why we offer an exceptional variety of training opportunities, designed to cater to a diverse range of roles and experience levels.

    Whether you’re a seasoned professional looking to sharpen your skills or a determined novice eager to explore and build a solid foundation, our courses are thoughtfully crafted to support and propel you on your journey of discovery and growth in this critical field.

    Copyright © White Knight Labs – All rights reserved