Hacking Azure: From Recon to Domination

Your course

As organizations rapidly adopt Microsoft Azure, the risk of misconfigurations and security gaps grows, making cloud environments a prime target for attackers. Understanding offensive security techniques in Azure is critical for penetration testers, security professionals, and cloud engineers aiming to assess and fortify cloud security.

This intensive 2-day hands-on training is designed to teach real-world attack techniques used against Azure environments. Participants will explore the entire attack chain, from reconnaissance and initial access to lateral movement, token theft, cloud-to-on-prem pivoting, and privilege escalation. The training also includes bypassing conditional access policies, abusing misconfigured identities, and leveraging automation services for persistence.

With 18+ hands-on labs, attendees will step into the attacker’s mindset, executing live exploitation scenarios while gaining expertise in offensive tooling, enumeration methods, and security bypasses. This training, led by seasoned cloud security professionals, provides an in-depth understanding of Azure hacking techniques while covering mitigation strategies to help organizations secure their cloud infrastructure effectively.

Who’s it for?

• Cloud administrators and architects

• Penetration testers and red teamers

• CSIRT/SOC analysts and engineers/blue teams

• Developers

• Security/IT managers and team leads

This course is suitable for anyone with a stake or interest in Azure cloud security, from technical practitioners to decision-makers. The syllabus is designed to cover Azure cloud misconfigurations and advanced hacking techniques while equipping participants with the skills to conduct penetration tests on cloud environments and identify security gaps effectively.

Additionally, this course provides a practical, hands-on approach to cloud penetration testing, allowing participants to apply the acquired skills directly in their day-to-day pen-testing activities. By following a structured pen-testing methodology, attendees will gain real-world experience in assessing, exploiting, and understanding Azure security risks.

Student requirements

• Basic to intermediate knowledge of cybersecurity (1.5+ years’ experience)

• Experience with common command line syntax of Azure Cloud CLI

Top 3 Takeaways

• Execute exploit labs in a kill-chain sequence, escalating privileges by compromising multiple Azure services.

• Learn effective enumeration techniques to identify misconfigurations within the cloud

environment

• Understand Microsoft Entra ID misconfigurations and master techniques to bypass

Conditional Access Policies for privilege escalation.

What you will learn

This course uses a Defence by Offense methodology based on real-world engagements and offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs and can be applied once the course is completed. By the end of the course, you’ll know how to:

• Think and behave like an advanced, real-world threat actor.
• Identify and exploit complex misconfigurations in Microsoft Azure.
• Design your penetration tests around real-world attacker behaviours and tooling, making them relevant to the threats facing your organization.
• Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platforms, and serverless functions.