Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments

A comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies large and small.

You'll learn how to:

Find security issues related to multi-factor authentication and management certificates

Make sense of Azure's services by using PowerShell commands to find IP addresses, administrative users, and firewall rules

Discover security configuration errors that could lead to exploits against Azure storage and keys

Uncover weaknesses in virtual machine settings that enable you to and acquire passwords, binaries, code, and settings files

Penetrate networks by enumerating firewall rules

Investigate specialized services like Azure Key Vault and Azure Websites

Know when you might be caught by viewing logs and security events

Packed with real-world examples from the author's experience as a corporate penetration tester, sample scripts from pen-tests and "Defenders Tips" that explain how companies can reduce risk, Pentesting Azure Applications provides a clear overview of how to effectively perform security tests so that you can provide the most accurate assessments possible.