Security in Microsoft 365 and Azure
Target audience
This training is for:
- IT professionals with an interest in Azure hacking
- (Azure) Cloud engineers with an interest in Azure security
- Azure enthusiasts with an interest in ethical hacking
Not sure whether this training is for you? Contact us.
Content
During this training you will learn about recognizing and exploiting Microsoft 365 and Azure-related vulnerabilities that arise from, among other things, misconfigurations and incorrect use of specific resources within such environments.
During this training you will learn:
- Global structure of Microsoft 365 and Azure
- The most frequent misconfigurations and related vulnerabilities within the Microsoft 365 and Azure environments
- Methods to find and exploit vulnerabilities yourself in:
  - The different Microsoft 365 services (SharePoint, Teams, Power Automate)
  - Azure AD
  - Azure services (ARM)
You will also apply these topics in practice, because you will be hacking a fictitious company yourself.
Relevance
More and more organizations use Azure and other cloud providers without being aware to what extent, and in what way, this increases the attack surface of the organization. The complexity of the Microsoft 365 and Azure environments, with connections between the services and management portals, makes managing these environments very difficult. This complexity makes it easy to make mistakes during deployment and to introduce vulnerabilities that can be exploited by malicious parties.
The S-Unit
By hacking Microsoft 365 and Azure yourself you will gain a unique insight into the choices that need to be made during the implementation of these kinds of environments and what impact these choices have on the security of the environment. The S-Unit has extensive experience with these kinds of vulnerabilities and wants to share this knowledge with others.
Prior knowledge
For this training, participants should have basic experience with the various Microsoft 365 services and Azure.
Included
- Training material
- Lunch
- Certificate of participation
You need to bring
A laptop on which:
- Applications can be installed
- PowerShell can be used
Practice
- Installation and use of tools
- Find and exploit vulnerabilities
Theory
- Introduction to hacking / pentest framework
- Pentest life cycle
- Differences between Azure AD, ARM / Azure services and Microsoft 365 services
- Enumeration and identification in Azure AD without authentication. What knowledge can you gain without login details and how can this be abused?
  - Determining public information (domain, tenant)
  - Establishing supported forms of authentication
  - User enumeration techniques
  - Throttling / rate-limiting bypass techniques
  - MFA bypass techniques
- Enumeration and identification in Azure AD and M365 with authentication. What knowledge can you gain with login details and how can this be abused?
  - Enumeration of principals, devices and groups
  - Enumeration of external links, external users, OAuth clients, etc.
  - Use of Azure APIs
  - Differences between the legacy API and the new Graph API
  - Abuse of dynamic groups
  - Abuse of roles with sensitive privileges
  - Abuse of public (M365) groups
  - Sensitive data in metadata
- Introduction to the Azure hierarchy / services
- ARM enumeration, unauthenticated and authenticated
  - Standard / public ARM resources (SharePoint sites, etc.)
  - Determining the services in use
  - Common interesting ARM resources (functions, automation, network security groups, VMs, etc.)
  - Use of ARM APIs (differences between Az CLI, Az PowerShell and the REST API)
- Identification in ARM, unauthenticated and authenticated
  - What vulnerabilities
  - Finding and abusing read and write privileges on sensitive resources
    - Subscriptions
    - VMs
    - Network security groups
    - SharePoint / Teams sites
    - UDRs
    - Managed identities
    - Etc.
  - Finding and abusing default tenant features on resources (soft-delete, locks, etc.)
  - Finding and exploiting features in exposed resources (SharePoint SOAP services, etc.)
  - What vulnerabilities
Dirk van Veen
Ethical Hacker & Founder - The S-Unit
Dirk van Veen is an ethical hacker and founder of The S-Unit with a master's degree in Computer Security. He started in 2011 as a penetration tester and within The S-Unit he is ultimately responsible for the technical side of all hacking and consultancy activities. Dirk enjoys exploring and finding vulnerabilities in new technologies, such as application frameworks, cloud platforms and low code solutions. In addition to his work at The S-Unit, Dirk regularly organizes hack competitions for Hack in the Box (2012-2019) and Platform for Information Security (2014-present) and he gives weekly ballroom dancing lessons to students in Amsterdam.
Training location
Savannahweg 71, 3542 AW Utrecht.
Lunch
Lunch is included in this training.
Start and end time
9:00 am to 5:00 pm CEST.
Language
The language of the training is always indicated. If you would like to follow the training in another language, please contact us. If there is sufficient interest, the training will also be offered in other languages.
Are you missing information or do you have special wishes?
Send an email to [email protected] and we will contact you.
1 Review (5 out of 5)
Roy – ING
Security Engineer
12 April 2023
Very fun and informative training. Dirk and Kevin showed me in an educational way what hacking is possible with Azure and Office 365. Excellent balance between theory and practical exercises. 👌🏻
Practical information
Duration
2 days
Dates 2024
22 & 29 May
5 & 12 September
12 & 19 November
Time
9:00 am to 5:00 pm CEST
Costs
€1475,- (excl. VAT)
Language
Dutch
Location
Office The S-Unit