YoVDO

Adventures in Azure Privilege Escalation

Offered By: YouTube

Tags

Conference Talks Courses Cybersecurity Courses Ethical Hacking Courses System Administration Courses Azure Security Courses

Course Description

Overview

Explore Azure privilege escalation techniques in this 46-minute conference talk from Derbycon 2019. Learn about initial entry points, the Azure permissions model, and various escalation methods, including reader rights, contributor access, and tenant admin privileges. Discover how to leverage storage accounts, virtual disks, runbooks, and automation accounts for privilege escalation. Gain insights into creating backdoors, adding accounts, and managing subscriptions in Azure environments. Conclude with a live demonstration and a Q&A session to deepen your understanding of Azure security challenges.

Syllabus

Intro
Overview
Initial Entry Points
Permissions Model
No Azure Access
Reader Rights
Escalation Example
Contributor Access
Local System
Storage Accounts
Virtual Disks
Runbooks
Subscriptions
Tenant Admin
Adding Accounts
Adding Guest Accounts
Creating Your Own Subscription
Automation Accounts
Demo
Watchers
Backdoors
Questions


Related Courses

Exam Alert: Implement Azure Security
Pluralsight
Securing Microsoft Azure Subscriptions
Pluralsight
Planning and Designing Microsoft Azure Security Solutions
Pluralsight
Microsoft Azure Security Engineer: Configure Advanced Security for Compute
Pluralsight
Exam Alert: Manage Identity and Access in Microsoft Azure
Pluralsight