Cargando…
Penetration testing Azure for ethical hackers : develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments /
Chapter 3: Finding Azure Services and Vulnerabilities -- Technical requirements -- Guidelines for Azure penetration testing -- Azure penetration test scopes -- Anonymous service identification -- Test at your own risk -- Azure public IP address ranges -- Hands-on exercise - parsing Azure public IP a...
| Clasificación: | Libro Electrónico |
|---|---|
| Autores principales: | , |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Birmingham, UK :
Packt>,
2021.
|
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | OR_on1288626909 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr cnu|||||||| | ||
| 008 | 211215t20212021enka ob 001 0 eng d | ||
| 040 | |a AU@ |b eng |e rda |e pn |c AU@ |d ORMDA |d OCLCO |d OCLCF |d OCLCQ |d ORE |d EBLCP |d UKMGB |d N$T |d IEEEE |d OCL | ||
| 015 | |a GBC1D3682 |2 bnb | ||
| 016 | 7 | |a 020292016 |2 Uk | |
| 019 | |a 1273974506 |a 1276783694 |a 1276862184 | ||
| 020 | |a 9781839214707 |q (electronic bk.) | ||
| 020 | |a 1839214708 |q (electronic bk.) | ||
| 020 | |z 9781839212932 | ||
| 024 | 8 | |a 9781839212932 | |
| 029 | 0 | |a AU@ |b 000070307758 | |
| 029 | 1 | |a UKMGB |b 020292016 | |
| 035 | |a (OCoLC)1288626909 |z (OCoLC)1273974506 |z (OCoLC)1276783694 |z (OCoLC)1276862184 | ||
| 037 | |a 9781839212932 |b O'Reilly Media | ||
| 037 | |a 10163020 |b IEEE | ||
| 050 | 4 | |a TK5105.88813 |b .O34 2021 | |
| 082 | 0 | 4 | |a 005.8 |2 23 |
| 049 | |a UAMI | ||
| 100 | 1 | |a Okeyode, David, |e author. | |
| 245 | 1 | 0 | |a Penetration testing Azure for ethical hackers : |b develop practical skills to perform pentesting and risk assessment of Microsoft Azure environments / |c David Okeyode, Karl Fosaaen. |
| 264 | 1 | |a Birmingham, UK : |b Packt>, |c 2021. | |
| 264 | 4 | |c ©2021 | |
| 300 | |a 1 online resource (xvii, 332 pages) : |b color illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 504 | |a Includes bibliographical references and index. | ||
| 588 | |a Description based on online resource; title from digital title page (viewed November 25, 2021). | ||
| 505 | 0 | |a Cover -- Title Page -- Dedicated -- Foreword -- Contributors -- Table of Contents -- Copyright and Credits -- Section 1: Understanding the Azure Platform and Architecture -- Chapter 1: Azure Platform and Architecture Overview -- Technical requirements -- The basics of Microsoft's Azure infrastructure -- Azure clouds and regions -- Azure resource management hierarchy -- An overview of Azure services -- Understanding the Azure RBAC structure -- Security principals -- Role definition -- Role assignment -- Accessing the Azure cloud -- Azure portal -- Azure CLI -- PowerShell -- Azure REST APIs | |
| 505 | 8 | |a Azure Resource Manager -- Summary -- Further reading -- Chapter 2: Building Your Own Environment -- Technical requirements -- Creating a new Azure tenant -- Hands-on exercise: Creating an Azure tenant -- Hands-on exercise: Creating an Azure admin account -- Deploying a pentest VM in Azure -- Hands-on exercise: Deploying your pentest VM -- Hands-on exercise: Installing WSL on your pentest VM -- Hands-on exercise: Installing the Azure and Azure AD PowerShell modules on your pentest VM -- Hands-on exercise: Installing the Azure CLI on your pentest VM (WSL) -- Azure penetration testing tools | |
| 505 | 8 | |a Subdomain takeovers -- Identifying vulnerabilities in public-facing services -- Configuration-related vulnerabilities -- Hands-on exercise -- identifying misconfigured blob containers using MicroBurst -- Patching-related vulnerabilities -- Code-related vulnerabilities -- Finding Azure credentials -- Guessing Azure AD credentials -- Introducing MSOLSpray -- Hands-on exercise -- guessing Azure Active Directory credentials using MSOLSpray -- Conditional Access policies -- Summary -- Further reading -- Section 2: Authenticated Access to Azure -- Chapter 4: Exploiting Reader Permissions | |
| 505 | 8 | |a Technical requirements -- Preparing for the Reader exploit scenarios -- Gathering an inventory of resources -- Introducing PowerZure -- Hands-on exercise -- gathering subscription access information with PowerZure -- Hands-on exercise -- enumerating subscription information with MicroBurst -- Reviewing common cleartext data stores -- Evaluating Azure Resource Manager (ARM) deployments -- Hands-on exercise -- hunting credentials in resource group deployments -- Exploiting App Service configurations -- Escalating privileges using a misconfigured service principal | |
| 505 | 8 | |a Hands-on exercise -- escalating privileges using a misconfigured service principal | |
| 520 | |a Chapter 3: Finding Azure Services and Vulnerabilities -- Technical requirements -- Guidelines for Azure penetration testing -- Azure penetration test scopes -- Anonymous service identification -- Test at your own risk -- Azure public IP address ranges -- Hands-on exercise - parsing Azure public IP addresses using PowerShell -- Azure platform DNS suffixes -- Hands-on exercise - using MicroBurst to enumerate PaaS services -- Custom domains and IP ownership -- Introducing Cloud IP Checker -- Hands-on exercise - determining whether custom domain services are hosted in Azure. | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Microsoft Azure (Computing platform) | |
| 650 | 0 | |a Penetration testing (Computer security) | |
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 6 | |a Tests d'intrusion. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 7 | |a Microsoft Azure (Computing platform) |2 fast |0 (OCoLC)fst01940548 | |
| 650 | 7 | |a Computer networks |x Security measures. |2 fast |0 (OCoLC)fst00872341 | |
| 650 | 7 | |a Penetration testing (Computer security) |2 fast |0 (OCoLC)fst01789566 | |
| 700 | 1 | |a Fosaaen, Karl, |e author. | |
| 776 | 0 | 8 | |i Print version: |a Okeyode, David |t Penetration Testing Azure for Ethical Hackers |d Birmingham : Packt Publishing, Limited,c2021 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9781839212932/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL6738637 | ||
| 938 | |a EBSCOhost |b EBSC |n 3044811 | ||
| 994 | |a 92 |b IZTAP | ||