gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-06 12:51:19 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update pentesting-cloud-methodology.md structure

Browse Source 
Removed sections on Attack Graph and Office365, and added a section on Common Cloud Security Features.
This commit is contained in:
SirBroccoli
2025-11-15 17:27:13 +01:00
committed by GitHub
parent a02f8ad45e
commit 293ae05fb9
1 changed files with 2 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/pentesting-cloud/pentesting-cloud-methodology.md
View File

@@ -446,16 +446,9 @@ aws-security/
azure-security/ azure-security/
{{#endref}} {{#endref}}
### Attack Graph ## Common Cloud Security Features
[**Stormspotter** ](https://github.com/Azure/Stormspotter)creates an “attack graph” of the resources in an Azure subscription. It enables red teams and pentesters to visualize the attack surface and pivot opportunities within a tenant, and supercharges your defenders to quickly orient and prioritize incident response work. ### Confidential Computing
### Office365
You need **Global Admin** or at least **Global Admin Reader** (but note that Global Admin Reader is a little bit limited). However, those limitations appear in some PS modules and can be bypassed accessing the features **via the web application**.
## Confidential Computing
{{#ref}} {{#ref}}
confidential-computing/luks2-header-malleability-null-cipher-abuse.md confidential-computing/luks2-header-malleability-null-cipher-abuse.md