diff --git a/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md
new file mode 100644
index 000000000..cdbca06f5
--- /dev/null
+++ b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md
@@ -0,0 +1,22 @@
+# Az - Container Registry Unauth
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## Container Registry Unauth
+
+Für weitere Informationen über das Container-Registry siehe:
+
+{{#ref}}
+../az-services/az-container-registry.md
+{{#endref}}
+
+### Anonymer Pull-Zugriff
+
+Es ist möglich, **anonymen Pull-Zugriff auf Images** innerhalb eines Registrys zu **erlauben**.
+```bash
+# Authorize anonymous pulls
+az acr update --name <registry-name> --anonymous-pull-enabled true
+```
+Dann kann **jeder, der den Registrynamen kennt**, Bilder von `<registry-name>.azurecr.io` abrufen.
+
+{{#include ../../../banners/hacktricks-training.md}}