Once you have a signed scope agreement in hand and have notified Microsoft, it’s time to gain privileged access to the target subscriptions. This chapter focuses on how to obtain credentials for an Azure subscription from a legitimate user or service. We start by looking at the different mechanisms Azure uses to control access to subscriptions, and how deployments and permissions are managed. Next, we cover common places where Azure credentials can be found, and how to capture them. Finally, we look at two-factor authentication, which may be in use to provide additional protection for a subscription, and then examine several ways ...

Get Pentesting Azure Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.