Azure Cloud Security Lab – Ethical Hacking Essentials

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off

One annual plan covers every course and certificate on Coursera. 40% off for a limited time.

This course features Coursera Coach! A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course. This course explores ethical hacking and pentesting techniques in the Azure cloud environment. You’ll start by setting up your pentesting lab with Microsoft 365 and Azure’s free tools, followed by techniques for reconnaissance and identifying targets in Azure. You'll learn domain discovery, user enumeration, and Azure Active Directory. You will also master initial access techniques, including brute force, password spraying, and phishing using EvilGinx. The course covers exploiting Azure Blob storage vulnerabilities and methods for mitigating these attacks. Security measures like Conditional Access and Identity Protection will strengthen defences against common cloud-based threats. This course is for security professionals, ethical hackers, and cloud admins. Basic knowledge of cloud environments and penetration testing is recommended. By the end of the course, you will have the skills to set up a pentesting lab, perform attacks, and secure Azure environments.

Syllabus

Introduction

This section will introduce you to the core principles of the course, detailing the goals and learning outcomes. You will gain an overview of the skills and tools you will use throughout the training to understand and perform ethical hacking and initial access techniques in Azure.

Setting Up Your Pentesting Lab Environment

This section will guide you through setting up a fully functional pentesting lab within Azure. You will configure accounts, manage Azure subscriptions, and secure your pentesting environments to ensure a safe, ethical approach for cloud security testing.

Azure Reconnaissance - Identifying Targets and Gathering Intel

This section focuses on the reconnaissance phase of penetration testing in Azure. You will learn how to identify critical targets, gather intel on Azure resources, and assess Azure environments from both internal and external perspectives. Techniques like user enumeration, domain discovery, and analyzing AAD internals will be explored in depth.

Cracking the Cloud - Initial Access Techniques in Azure

This section dives into hands-on attacks aimed at gaining initial access in Azure environments. You will perform various attack techniques, such as brute force and password spraying, set up phishing infrastructure with EvilGinx to bypass MFA, and learn about storage account exploitation. These techniques will be demonstrated step-by-step.

Cloud Security Options for Mitigation and Prevention

This section focuses on defense mechanisms and mitigation strategies for securing Azure environments. You will explore how to protect against common attack vectors, such as brute force, password spraying, and phishing attacks, using Azure's built-in security features like Conditional Access, Identity Protection, and Blob storage security.