Microsoft Azure

Microsoft's cloud platform. Main portal available at https://portal.azure.com

A list of all the various Azure and Microsoft portals that would be of interest to people managing and administrating the different services can be found at the following website: https://msportals.io/

Basics guides

Attack and Defending Microsoft Cloud https://adsecurity.org/wp-content/uploads/2019/10/2019-BSidesPR-AttackingAndDefendingTheMicrosoftCloud.pdf
AWS <-> Azure Services Naming Comparison Guide https://docs.microsoft.com/en-gb/azure/architecture/aws-professional/services.
Azure AD Fundamentals https://youtu.be/1xnOwKr7go0
Azure Services List https://docs.microsoft.com/en-gb/learn/modules/welcome-to-azure/3-tour-of-azure-services
Common Azure Security Vulnerabilities blogpost https://rhinosecuritylabs.com/cloud-security/common-azure-security-vulnerabilities/
Get started guide for Azure IT operators https://docsmsftpdfs.blob.core.windows.net/guides/azure/azure-ops-guide.pdf.
Introduction to Pentesting in Azure https://www.gracefulsecurity.com/an-introduction-to-pentesting-azure/
Learning Azure Security https://michaelhowardsecure.blog/2020/02/14/so-you-want-to-learn-azure-security/
Microsoft Azure Essentials: Fundamentals of Azure, Second Edition https://blogs.msdn.microsoft.com/microsoft_press/2016/09/01/free-ebook-microsoft-azure-essentials-fundamentals-of-azure-second-edition/. A 260-page ebook with exercises.

Books

Modern Authentication with Azure Active Directory for Web Applications - Vittorio Bertocci (Deep dive into Azure AD)
Penetration Testing Azure for Ethical Hackers: Develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments - David Okeyode, Karl Forsaaen
Pentesting Azure Application: The Definitive Guide to Testing and Securing Deployments - Matt Burrough

Testing Requirements

No prior permission required - notifications can be submitted at https://portal.msrc.microsoft.com/en-us/engage/pentest, rules of engagement are also linked to from there

Tools

aadinternals https://github.com/Gerenios/AADInternals
adconnectdump: Dump Azure AD Connect credentials for Azure AD and Active Directory https://github.com/fox-it/adconnectdump
Azucar https://github.com/nccgroup/azucar/
AzureHound: The BloodHound data collector for Microsoft Azure https://github.com/BloodHoundAD/AzureHound
Azure Storage Explorer https://azure.microsoft.com/en-us/products/storage/storage-explorer/
Azurite https://github.com/FSecureLABS/Azurite
Cloud security Suite: One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure https://github.com/SecurityFTW/cs-suite
MicroBurst : A collection of scripts for assessing Microsoft Azure security - https://github.com/NetSPI/MicroBurst
Microsoft's Attack Surface Analyzer https://github.com/Microsoft/AttackSurfaceAnalyzer
Powerzure: PowerShell script to interact with Azure https://github.com/hausec/PowerZure
ROADtools: Azure AD enumeration tools https://github.com/dirkjanm/ROADtools
Steampipe https://github.com/turbot/steampipe
Stormspotter https://github.com/Azure/Stormspotter

Training Resources

A Penetration Tester's Guide to Azure https://labs.withsecure.com/archive/a-penetration-testers-guide-to-the-azure-cloud/
AD Security - https://adsecurity.org/
Attacking and Defending Microsoft Cloud (Azure & Office 365) https://i.blackhat.com/USA-19/Wednesday/us-19-Metcalf-Attacking-And-Defending-The-Microsoft-Cloud.pdf
Microsoft Learn: Azure Fundamentals https://docs.microsoft.com/en-gb/learn/paths/azure-fundamentals/

Defender Resources

Azure Sentinel detections, queries and workbooks https://github.com/Azure/Azure-Sentinel

Benchmarks, Best Practices Guides etc

ADFS Extranet Lockout https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-extranet-smart-lockout-protection
Azure AD Conditional Access https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview]
Azure AD deployment plans https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-deployment-plans
Azure AD Golden Configuration https://aka.ms/m365goldenconfig
Azure AD Modern Authentication (Legacy auth deprecated 13/8/2020) https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/enable-or-disable-modern-authentication-in-exchange-online
Azure AD Privileged Identity Management https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/pim-configure
Azure AD Smart Lockout https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-smart-lockout
Azure AD staged rollout https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-staged-rollout
Azure security best practices https://docs.microsoft.com/en-us/azure/security/security-best-practices-and-patterns
Azure security documentation https://docs.microsoft.com/en-us/azure/security/
Azure security white papers https://azure.microsoft.com/en-us/resources/whitepapers/
CIS Benchmark for Azure https://www.cisecurity.org/benchmark/azure/
Eliminate bad passwords in your org https://docs.microsoft.com/en-gb/azure/active-directory/authentication/concept-password-ban-bad
Five steps to securing your identity infrastructure https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity
Four steps to a strong identity foundation with Azure AD https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity
Microsoft Cloud & Security Webinars https://techcommunity.microsoft.com/t5/security-privacy-compliance/security-community-webinars/m-p/927888
Securing hybrid deployments https://docs.microsoft.com/en-gb/azure/active-directory/users-groups-roles/directory-admin-roles-secure
Top 5 things to know about Azure AD logs https://www.youtube.com/watch?v=BjpeowKOe3A

Microsoft Azure

Basics guides​

Books​

Testing Requirements​

Tools​

Training Resources​

Defender Resources​

Benchmarks, Best Practices Guides etc​