SANS Workshop – Building an Azure Pentest Lab for Red Teams

Thursday, 11 Aug 2022 11:00AM EDT (11 Aug 2022 15:00 UTC)
Speakers: Jason Ostrom, Aaron Cure

The increased importance of the cloud and identity is not lost on attackers. To simulate adversary tradecraft, Red teams must be able to evolve offensive techniques against cloud identity systems. Cloud defenders must adapt quickly to understand these same attacks and instrument defenses.

In this SANS Workshop, you will learn how to use Infrastructure as Code and open-source tools to automatically create an Azure Active Directory security lab which can be used for your own security simulations and use cases. After automatically creating Azure AD users, Applications, and RBAC role assignments, participants will have hands-on exercises to perform reconnaissance and a specific attack pathway that abuses mis-configured roles and permissions. These labs take a closer look at Azure Applications, complimenting the new SANS SEC588 Cloud Penetration Testing course labs on Azure.

Prerequisites:

An active Azure subscription (https://portal.azure.com)
An Azure account with Global Administrator permissions

Prior to the workshop:

Download the Building an Azure Pentest Lab for Red Teams virtual machine. Double-click on the OVA file to import the VM with VMware. Boot the VM after import, then login with the username sec588 and the password slingshot.
1. https://sansurl.com/azure-pentest-lab
2. Password: VjPwuBaTc2Yr
Launch Firefox browser and navigate to home (it should auto-launch).
Follow the lab 0 instructions to ensure that you have an Azure account and active subscription.

Please note – we will not be able to troubleshoot or support local VM issues or Azure account subscription issues. It is highly encouraged that you download and verify login to the VM before the workshop and that you follow all steps in lab 0 for Azure account and subscription setup.

System Requirements:

VMware to launch a customized Slingshot Linux distribution (VMware Workstation Pro, VMware Workstation Player, or VMware Fusion for macOS; trial versions of all three are available, and VMware Workstation Player is available for free for non-commercial use.
30 GB free hard drive space
At least 8 GB RAM

Login to Register

Building_an_Azure_Pen_Test_Lab_for_Red_Teams_-_Workshop_-_8.224.jpg

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming

November 16, 2023

A Visual Summary of SANS HackFest Summit

Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023

Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming

October 4, 2023

SEC670 Prep Quiz Answers

Answers for the SEC670 Prep Quiz. For more details about the course and the quiz, please clickthrough to see the quiz article.

Jonathan Reiter