Course curriculum

    1. Intro - Penetration Testing Rules of Engagement

    2. ASM vs ARM

    3. Azure Active Directory

    4. Integration with on-premises Active Directory

    5. Azure AD security features

    6. Kill chain roles

    7. Create office 365 and azure account

    8. Download All Tools

    1. Unauthenticated Recon - User Enum

    2. Unauthenticated Recon - Password Spraying

    3. Unauthenticated Recon - onedrive_user_enum

    4. Unauthenticated Recon - cloud_enum

    5. Authenticated Recon - Az PowerShell Module

    6. Authenticated Recon - AzureAD PowerShell

    7. Authenticated recon - ROADtools - 1

    8. Authenticated recon - o365recon - 2

    9. Authenticated recon - Powerzure - 3

    1. Authenticated recon Role Abuse- Reader RunBook

    2. Authenticated recon Role Abuse - Reader Blob Storage

    3. Authenticated Recon Role Abuse - Blob Storage

    4. Authenticated Recon Role Abuse - Contributor

    5. Authenticated Recon Role Abuse - Contributor shell

    6. Azure AD - Sign in with a service principal

    7. Looking for Tokens

    8. Abusing Dynamic Groups In Azure

    1. Phishing Campaign - 1 deploying Ubuntu

    2. Phishing Campaign - configuring 2 evilginx2

    3. Phishing Campaign - phishing user password - 3

    4. Phishing Campaign - ByPass MFA with Cookies - 4

    5. Phishing - 365 Stealer - Setting Up and App 1

    6. Phishing - 365 Stealer - Phishing and App Overview 2

    7. Phishing - Word Document Macros - Reverse Shell

    1. AutomatedLab Install and Setup

    2. AutomatedLab Going Over The Code

    3. lab.ps1

    4. Installing Azure AD Connect

    5. Configure Azure AD Connect

    1. Seamless Single Sign-On (SSO) Install

    2. Azure AD Connect - Seamless Single Sign On Silver Ticket

    3. Azure AD Connect - Password extraction 2 - XPN

    4. DCSync attack with MSOL Password - mimikatz

About this course

  • $30.00
  • 41 lessons
  • 5.5 hours of video content

What Users Say About Us

“This was a fun course. The teacher put a lot of time and effort towards this course. It is easy to follow, and I recommend anyone to also purchase the lab, which is key to learn everything. ”

Pentester

Vasim

“The course was great and easy to follow along. I thought I wasn't going to learn much since I have taken other courses, but I was wrong!! My favorite part was the MSSQL and the ADCS exploits! ”

Network Security Engineer

Martin G

“Yes, it was a great course! It was long but definitely worth! I learned a lot of new skills that is going to help myself and my company. Also, the fact that there is a lab you can follow. It is awesome!!!!”

Cyber Security Analyst

Nilesh