Vaibhav Lakhani
Description
Training Breakdown
What You’ll Learn
What You’ll Need
What We Provide
Who Should Attend
Trainer Profile
Training Title:
Hacking Azure: From Zero to Cloud Admin
Offensive Cloud Security Training
Training Schedule:
Duration: 2 Days (16 Hours)
Start Date: 24 September 2026
End Date: 25 September 2026
Training Details:
Level: Beginner to Intermediate
Track: Offensive Security / Cloud Security
Overview
Azure has become the backbone of modern enterprise infrastructure, shifting the attack surface from traditional network perimeters to identity and permission layers.
This training is designed to bridge the gap between traditional security testing and cloud offensive operations. Participants will gain hands-on experience attacking real Azure environments, understanding identity abuse, privilege escalation, lateral movement, and persistence techniques.
The course combines structured modules with a full-scale Capture The Flag (CTF) scenario, enabling students to apply techniques in a real-world attack simulation.
Each participant receives a dedicated Azure tenant — no shared labs, no simulations — ensuring realistic exposure to misconfigurations seen in real engagements.
Training Structure
Day 1 – Azure Foundations & Attack Surface
- • Azure architecture & tenant fundamentals
- • Identity & authentication flows
- • ARM permission model & escalation paths
- • Web application exploitation
- • Tenant enumeration & attack path mapping
- • Storage account abuse
- • Key Vault & deployment secrets extraction
- • Automation Accounts & escalation
Day 2 – Advanced Attacks & CTF
- • Azure DevOps pipeline exploitation
- • Function Apps & Logic Apps abuse
- • Container instance exploitation
- • Persistence techniques
Operation Cloud Heist (CTF)
- • Full kill-chain simulation
- • 10 flags across real attack scenarios
- • Live walkthrough
Hands-On Labs
- • Dedicated Azure tenant per student
- • Real-world misconfigurations
- • Tools: Azure CLI, AzureHound, BloodHound, ROADtools, Burp Suite
What You Will Learn
- • Azure identity model (Entra ID, RBAC, service principals, managed identities)
- • Exploiting web vulnerabilities for cloud access
- • Azure tenant enumeration using AzureHound & BloodHound
- • Privilege escalation via Automation Accounts
- • Abuse of Storage Accounts & Key Vault
- • Lateral movement across Azure services
- • Persistence techniques in Azure environments
- • End-to-end cloud attack chain execution
- • Writing professional Azure pentest reports
Prerequisites & Requirements
- • Basic terminal usage
- • No prior Azure experience required
- • Laptop with VirtualBox or VMware installed
- • Stable Internet access
What You Get
- • Lab VM with tools
- • Lab guide
- • Reference materials
- • CTF access
- • Certificate
Who Should Attend
- • Penetration testers
- • Red teamers
- • Security analysts
- • Cloud engineers / DevOps
- • Bug bounty hunters
Trainer Profile
Vaibhav Lakhani
Senior Consultant – Offensive Security