Attacking Azure Environments with PowerShell - Karl Fosaaen Derbycon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)
Attacking Azure Environments with PowerShell
Karl Fosaaen
Derbycon 2018

For a multitude of reasons, many organizations are moving their operations to the cloud. Along with this, many organizations are introducing old vulnerabilities in new ways. As one of the top cloud providers, Microsoft Azure has had significant adoption and continues to grow in market share. As part of this increase in adoption, there has also been an increase in demand for security testing of Azure environments. Given the blended nature of hosted services, PAAS, and virtual infrastructure, it can be difficult to get a handle on how to properly secure these environments. Reviewing Azure environments can also be time consuming given the lack of automated tools for dumping configuration information. MicroBurst is a PowerShell tool that helps automate the processes of dumping and reviewing Microsoft Azure configurations. This talk will go over the ways that pen testers and defenders can use MicroBurst to dump out the configuration information for an Azure environment, and identify common configuration issues. Security testers will benefit from the speed of dumping environment credentials for pivoting, listing out publicly available services and files, and enumerating additional targets for phishing and password guessing attacks. As an added bonus, defenders can also use these tools to audit their environment for weak spots.

Karl is a Practice Director at NetSPI who specializes in network and web application penetration testing. With over ten years of consulting experience in the computer security industry, he has worked in a variety of industries and has made his way through many Active Directory domains. Karl also holds a BS in Computer Science from the University of Minnesota. This year, he has spent a fair amount of time digging into automating and assessing the Azure stack. Over the years at NetSPI, Karl has helped build out and maintain their GPU cracking boxes. Karl holds a couple of certifications, that is neat. Karl has previously spoken at THOTCON, DerbyCon 6.0, and BSidesPDX. In his spare time, you may see him trying to sell you a t-shirt as a swag goon at DEF CON.

@kfosaaen

Back to Derbycon 2018 video list



If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek