top of page
attacking and defending

Attacking and Defending Azure Cloud: Advanced Edition [July 2024]

Take your Azure Red Team skills to the next level. Get trained in Azure pentesting, Red Teaming and Defense against an enterprise-like live Azure environment with focus on OPSEC and bypassing defenses. Earn the Certified Azure Red Team Expert (CARTE) certification.

Starts: 5th July 2024  Duration: 4 weeks
Recordings of live sessions included!

Enrollment Closed
CARTE Certificate

What You Will Learn

This advanced bootcamp is designed to help security professionals in understand, analyze and practice attacks in an enterprise-like live Azure environment that has effective security controls in place. 
You will be able to practice and sharpen popular tactics, techniques and procedures (TTPs) for Azure environments. In addition, you will learn how to bypass security controls like Advanced Conditional Access Policies, Multiple ways to bypass MFA that is enforced using different methods, Privileged Identity Management (PIM) and Microsoft Defender for Cloud. 
The class also focuses on abuse of JWT signing, Family of Client IDs (FOCI), Attribute Based Access Control (ABAC), Temporary Access Password (TAP), Custom Claims, Cross Tenant Access, Azure Lighthouse, Azure ARC, Multi-Cloud Access, Tokens form Office Applications and traffic and Abuse of Kerberos in Entra ID.

CARTE Phases

​4 Live Sessions
3.5 Hrs Per Session
4 Weeks Access
40 Flags To Be Collected
> 20 Lab Exercises
1 CARTE Attempt
Recordings Of Live Sessions

Cracked Concrete Wall

Build Your Cybersecurity Credentials

Become a Certified Azure Red Team Expert (CARTE)

A certificate holder has demonstrated expertise in running a red team operation against a highly secure enterprise-like Azure environment. They can assess security controls, analyze their efficacy and recommend mitigations against misconfigurations. Due to hands-on nature of the lab and certification, a certificate holder is ready to use the skills to enhance and improve security posture of an organization.

Bootcamp Completion Certificate

Attendees will also get a course completion certificate after completing Learning Objectives covered during the course.

CARTE.png

Live Session Schedule

Weekly 3.5 hours sessions. 1st session starts at 10:00am ET and end at 1:30pm ET. 

DATE
LIVE SESSIONS
05 July 2024 
Introduction to Azure AD: Service Discovery, Recon, Enumeration and Initial Access Attacks
12 July 2024
Authenticated Enumeration and Privilege Escalation
19 July 2024
Lateral Movement and Persistence Techniques
26 July 2024
Data Mining, Defenses, Monitoring & Auditing and Bypassing Defenses
Cracked Concrete Wall

Prerequisites

1. Basic understanding of Azure AD is desired but not mandatory.
2. System with 4 GB RAM and ability to install OpenVPN client and RDP to Windows boxes.
3. Privileges to disable/change any antivirus or firewall.

Bootcamp Syllabus

The course is split in four modules across four weeks:

Image by Gabriella Clare Marino

Module I:

Introduction to the Attack Methodology

Understanding APIs, Endpoints and Versions

Understanding OAuth, Microsoft Identity Platform and Authorization Flows

Deep dive into Tokens and Claims

Image by Gabriella Clare Marino

Module II:

Initial Access Attacks - Device Code Phishing, Illicit Consent Grant, Attacker In The Middle, Abusing JWT Signing, Abusing Custom Claims, Abusing GitHub Actions and Workflow Discovery and Recon

Enumeration of Azure AD (Entra ID) and Azure

Abusing MS Graph API

Image by Gabriella Clare Marino

Module III:

Privilege Escalation by abusing Family of Client IDs, Certificate Based Authentication, Attribute Based Access Control, Privileged Identity Management, Tampering with Logic Apps, Authentication Cookies, Traffic Interception and more

Lateral Movement by abusing Azure Lighthouse, Cross Tenant Access Settings, Kerberos in Entra ID, Trust between tenants, Multi-Cloud Management, Azure ARC, Token Extraction, Authentication Cookie Forging and Replay etc.


Persistence techniques

Image by Gabriella Clare Marino

Module IV:

Bypassing Defences - Advanced Conditional Access Policies, Multiple ways to bypass MFA that is enforced using different methods, Privileged Identity Management (PIM) and Microsoft Defender for Cloud.
Detecting and Stopping the attacks used in the class using Log Analysis and MS tools like Identity Protection, MFA, Conditional Access and Defender for Cloud.

Bootcamp Syllabus
Image by Stepan Sargsyan
Anchor 1

Purchase Options

Bootcamp

​30 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
​ONE CERTIFICATION EXAM ATTEMPT

$549

Extension

30 DAYS
LAB EXTENSION
+
ONE CERTIFICATION EXAM ATTEMPT

$399

Bootcamp

​60 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
​ONE CERTIFICATION EXAM ATTEMPT

$749

Reattempt


EXAM
REATTEMPT


 

$99

Bootcamp

​90 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
​ONE CERTIFICATION EXAM ATTEMPT

$949

Exam Reattempt is only for existing or past students of this course who have already purchased this course in the past.

Enrollment Closed

Nikhil Mittal

MEET THE INSTRUCTOR

Red Team Lab, Red Team Certifications, Red Team Trainings, Azure Pentesting, Azure Security

Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes red teaming, Azure and active directory security, attack research, defense strategies and post exploitation research. He has 15+ years of experience in red teaming.

He specializes in assessing security risks at secure environments that require novel attack vectors and "out of the box" approach. He has worked extensively on Azure AD, Active Directory attacks, defense and bypassing detection mechanisms. 

Nikhil has trained more than 10000 security professionals in private trainings and at the world’s top information security conferences.


He has spoken/trained at conferences like DEF CON, BlackHat, BruCON and more. 

He is the founder of Altered Security - a company focusing on hands-on enterprise security learning - https://www.alteredsecurity.com/

Can't attend this bootcamp?
Get informed about future bootcamps!

Thanks for subscribing!

bottom of page