The S-Unit

Security in Microsoft 365 and Azure

Target audience

This training is for: 

  • IT professionals with an interest in Azure hacking 
  • (Azure) Cloud engineers with an interest in Azure security 
  • Azure enthusiasts with an interest in ethical hacking

Not sure if this training is for you? Contact us.

Content

During this training you will learn to recognize and exploit Microsoft 365 and Azure-related vulnerabilities that arise from, among other things, misconfigurations and the incorrect use of specific resources within such environments.

During this training you will learn:

  • The overall structure of Microsoft 365 and Azure
  • The most frequent misconfigurations and related vulnerabilities within Microsoft 365 and Azure environments
  • Methods to find and exploit vulnerabilities yourself in:
    • The different Microsoft 365 services (SharePoint, Teams, Power Automate)
    • Azure AD
    • Azure services (ARM)

You will also apply these topics in practice, because you will be hacking a fictitious company yourself.

Relevance

More and more organisations use Azure and other cloud providers without being aware of the extent to which, and the way in which, this increases the organisation's attack surface. The complexity of the Microsoft 365 and Azure environments, with connections between the services and management portals, makes managing these environments very difficult. This complexity makes it easy to make mistakes during deployment and to introduce vulnerabilities that can be exploited by malicious parties.

The S-Unit

By hacking Microsoft 365 and Azure yourself you will gain a unique insight into the choices that need to be made during the implementation of these kinds of environments and the impact these choices have on the security of the environment. The S-Unit has extensive experience with these kinds of vulnerabilities and wants to share this knowledge with others.

Prior knowledge

For this training, participants should have basic experience with the various Microsoft 365 services and with Azure.

Included

  • Training material 
  • Lunch 
  • Certificate of participation 

You need to bring

A laptop on which:

  • Applications can be installed
  • PowerShell can be used

Practice

  • Installation and use of tools
  • Find and exploit vulnerabilities

Theory

  • Introduction to hacking / pentest framework
    • Pentest life cycle
  • Differences between Azure AD, ARM / Azure services and Microsoft 365 services
  • Enumeration and identification in Azure AD without authentication. What knowledge can you gain without login details and how can you abuse this?
    • Determine public information (domain, tenant)
    • Determine supported forms of authentication
    • User enumeration techniques
    • Throttling / rate-limiting bypass techniques
    • MFA bypass techniques
  • Enumeration and identification in Azure AD and M365 with authentication. What knowledge can you gain with login details and how can you abuse this?
    • Enumeration of principals, devices and groups
    • Enumeration of external links, external users, OAuth clients, etc.
    • Use of Azure APIs
      • Differences between the legacy API and the new Graph API
    • Abuse of dynamic groups
    • Abuse of roles with sensitive privileges
    • Abuse of public (M365) groups
    • Sensitive data in metadata
  • Introduction to the Azure hierarchy / services
  • Enumeration in ARM, unauthenticated and authenticated
    • Standard / public ARM resources (SharePoint sites, etc.)
    • Determining the services in use
    • Common interesting ARM resources (functions, automation, network security groups, VMs, etc.)
    • Use of ARM APIs (differences between Az CLI, Az PowerShell and the REST API)
  • Identification in ARM, unauthenticated and authenticated
    • Which vulnerabilities
      • Find and abuse read and write privileges on sensitive resources
      • Subscriptions
      • VMs
      • Network security groups
      • SharePoint / Teams sites
      • UDRs
      • Managed Identities
      • Etc.
    • Find and abuse default tenant features on resources (soft-delete, locks, etc.)
    • Finding and exploiting features in exposed resources (SharePoint SOAP services, etc.)

Dirk van Veen
Ethical Hacker & Founder - The S-Unit

Dirk van Veen is an ethical hacker and founder of The S-Unit with a master's degree in Computer Security. He started in 2011 as a penetration tester and within The S-Unit he is ultimately responsible for the technical side of all hacking and consultancy activities. Dirk enjoys exploring and finding vulnerabilities in new technologies, such as application frameworks, cloud platforms and low code solutions. In addition to his work at The S-Unit, Dirk regularly organizes hack competitions for Hack in the Box (2012-2019) and Platform for Information Security (2014-present) and he gives weekly ballroom dancing lessons to students in Amsterdam.

Training location

Savannahweg 71, 3542 AW Utrecht.

Accessibility

Directions to The S-Unit office are available via the link on the training page.

Lunch

Lunch is included in this training.

Start and end time

9:00 am to 5:00 pm CEST.

Language

The language of the training is always indicated. If you would like to follow the training in another language, please contact us. If there is sufficient interest, the training will also be offered in other languages.

Are you missing information or do you have special wishes?

Send an email to [email protected] and we will contact you.

Practical information

  • Duration: 2 days
  • Time: 9:00 am to 5:00 pm CEST
  • Costs: €1475,- (excl. VAT)
  • Language: Dutch
  • Location: Office The S-Unit
  • Dates 2024: No event found

Reviews

Roy - Security Engineer (ING), 12 April 2023

Very fun and informative training. Dirk and Kevin showed me in an educational way what hacking is possible with Azure and Office 365. Excellent balance between theory and practical exercises. 👌🏻