- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Go from security novice to ethical hacking expert and discover vulnerabilities before attackers can exploit them with the help of real-world attack simulations and hands-on labs
Key Features
Discover how attackers find and abuse cloud misconfiguration, weak identity controls, and exposed IDs
Learn advanced techniques for privilege escalation, moving across Azure tenants, and maintaining persistence
Stay ahead of evolving threats with cutting-edge attack techniques, automated exploits, and real-world case studies
Purchase of the print or Kindle book includes a free PDF eBook
Book DescriptionThe rapid growth of cloud computing and Microsoft Azure's vast capabilities have made it a prime target for attackers. Penetration Testing Azure for Ethical Hackers is your hands-on guide to staying ahead of these threats by learning how to identify and fix vulnerabilities before they're exploited.
Building on the success of its predecessor, this second edition is fully updated to cover modern attack strategies, sophisticated privilege escalation methods, and emerging Azure security challenges. Starting with the setting up of a dedicated Azure penetration testing environment, the book systematically guides you through reconnaissance methods, lateral movement tactics, and persistence techniques specifically engineered for Azure cloud environments. Through real-world case studies, step-by-step attack simulations, and mitigation strategies, you'll develop practical skills for strengthening your organization's security posture.
By the end, you'll be equipped with the knowledge and technical skills needed to perform advanced Azure security assessments effectively.What you will learn
Set up an Azure pentesting lab personalized for you
Anonymously search for high-risk misconfigurations and vulnerabilities
Execute initial access attacks like credential theft and phishing
Escalate privileges via misconfigured roles and resource policies
Exploit service credentials, access keys, Azure Key Vault, and tokens
Exfiltrate data from Azure Storage, SQL database, and serverless applications
Maintain persistence using Logic Apps, Azure Functions, and identities
Who this book is forThis book is for cybersecurity professionals, penetration testers, cloud security specialists, and IT administrators who want to simulate real-world attacks on Microsoft Azure environments. If you're an Azure administrator, developer, or DevOps engineer looking to secure your infrastructure against potential attackers, this book is an essential guide to identifying and mitigating risks effectively.
Contents
Table of Contents
Azure Platform and Architecture Overview
Building Your Azure Pentesting Environment
Anonymous Discovery and Reconnaissance
Initial Access and Credential Theft
Privilege Escalation Attacks
Hunting and Harvesting Service Credentials
Data Exfiltration Attacks
Code Execution Attacks
Persistence Attacks and Defense Evasion
