diff --git a/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md
new file mode 100644
index 000000000..c5f42f0fd
--- /dev/null
+++ b/src/pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.md
@@ -0,0 +1,22 @@
+# Az - Container Registry Unauth
+
+{{#include ../../../banners/hacktricks-training.md}}
+
+## Container Registry Unauth
+
+Para mais informações sobre o registro de contêiner, consulte:
+
+{{#ref}}
+../az-services/az-container-registry.md
+{{#endref}}
+
+### Acesso Anônimo de Pull
+
+É possível **permitir acesso anônimo de pull a imagens** dentro de um registro.
+```bash
+# Authorize anonymous pulls
+az acr update --name <registry-name> --anonymous-pull-enabled true
+```
+Então, **qualquer pessoa que conheça o nome do registro** pode puxar imagens de `<registry-name>.azurecr.io`.
+
+{{#include ../../../banners/hacktricks-training.md}}