diff --git a/src/SUMMARY.md b/src/SUMMARY.md index 11d60f589..c9736abf4 100644 --- a/src/SUMMARY.md +++ b/src/SUMMARY.md @@ -142,7 +142,7 @@ - [GCP - Logging Persistence](pentesting-cloud/gcp-security/gcp-persistence/gcp-logging-persistence.md) - [GCP - Secret Manager Persistence](pentesting-cloud/gcp-security/gcp-persistence/gcp-secret-manager-persistence.md) - [GCP - Storage Persistence](pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.md) - - [GCP - Token Persistance](pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistance.md) + - [GCP - Token Persistence](pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.md) - [GCP - Services](pentesting-cloud/gcp-security/gcp-services/README.md) - [GCP - AI Platform Enum](pentesting-cloud/gcp-security/gcp-services/gcp-ai-platform-enum.md) - [GCP - API Keys Enum](pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.md) 
@@ -458,8 +458,8 @@ - [Az - Function Apps Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-function-apps-post-exploitation.md) - [Az - Key Vault Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.md) - [Az - Logic Apps Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.md) - - [Az - MySQL](pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md) - - [Az - PostgreSQL](pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md) + - [Az - MySQL Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md) + - [Az - PostgreSQL Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md) - [Az - Queue Storage Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.md) - [Az - Service Bus Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.md) - [Az - Table Storage Post Exploitation](pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.md) 
@@ -489,8 +489,8 @@ - [Az - Persistence](pentesting-cloud/azure-security/az-persistence/README.md) - [Az - Automation Accounts Persistence](pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.md) - [Az - Cloud Shell Persistence](pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.md) - - [Az - Queue SQL Persistence](pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md) - - [Az - Queue Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md) + - [Az - Queue SQL Persistence](pentesting-cloud/azure-security/az-persistence/az-sql-persistence.md) + - [Az - Queue Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-queue-persistence.md) - [Az - VMs Persistence](pentesting-cloud/azure-security/az-persistence/az-vms-persistence.md) - [Az - Storage Persistence](pentesting-cloud/azure-security/az-persistence/az-storage-persistence.md) - [Az - Device Registration](pentesting-cloud/azure-security/az-device-registration.md) diff --git a/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md b/src/pentesting-cloud/azure-security/az-persistence/az-queue-persistence.md similarity index 100% rename from src/pentesting-cloud/azure-security/az-persistence/az-queue-persistance.md rename to src/pentesting-cloud/azure-security/az-persistence/az-queue-persistence.md diff --git a/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md b/src/pentesting-cloud/azure-security/az-persistence/az-sql-persistence.md similarity index 100% rename from src/pentesting-cloud/azure-security/az-persistence/az-sql-persistance.md rename to src/pentesting-cloud/azure-security/az-persistence/az-sql-persistence.md diff --git a/src/pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md b/src/pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md index 9b9d44361..60bed2022 100644 
--- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md +++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.md @@ -20,17 +20,6 @@ az mysql flexible-server db create \ --database-name ``` -### `Microsoft.DBforMySQL/flexibleServers/backups/write` - -With this permission, you can initiate the creation of backups for a MySQL Flexible Server instance on Azure. This allows users to generate on-demand backups, which can be useful for preserving data at specific points in time. - -```bash -az mysql flexible-server backup create \ - --name \ - --resource-group - --backup-name -``` - ### `Microsoft.DBforMySQL/flexibleServers/advancedThreatProtectionSettings/write` With this permission, you can configure or update the Advanced Threat Protection (ATP) settings for a MySQL Flexible Server instance on Azure. This allows enabling or diabling security features designed to detect and respond to anomalous activities and potential threats. diff --git a/src/pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md b/src/pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md index 2e7db4993..ce5530bb7 100644 --- a/src/pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md +++ b/src/pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.md 
@@ -9,6 +9,16 @@ For more information about PostgreSQL Database check: ../az-services/az-postgresql.md {{#endref}} +### Use pg_azure_storage extension to access Storage accounts + +It's possible to use the extension **`pg_azure_storage` to access Azure Storage accounts** from a PostgreSQL server. This will use the permissions of the managed identity assigned to the server to access the storage account. + +For more information check this technique explained in the privilege escalation section: + +{{#ref}} +../az-privilege-escalation/az-postgresql-privesc.md +{{#endref}} + ### `Microsoft.DBforPostgreSQL/flexibleServers/databases/write` && `Microsoft.DBforPostgreSQL/flexibleServers/databases/read` With this permission, you can create new databases within a Postgres Flexible Server instance on Azure. While this action itself does not modify existing resources, excessive or unauthorized creation of databases could lead to resource consumption, or potential misuse of the server. @@ -20,16 +30,6 @@ az postgres flexible-server db create \ --database-name ``` -### `Microsoft.DBforPostgreSQL/flexibleServers/backups/write` - -With this permission, you can initiate the creation of backups for a Postgres Flexible Server instance on Azure. This allows users to generate on-demand backups, which can be useful for preserving data at specific points in time. - -```bash -az postgres flexible-server backup create \ - --name \ - --resource-group - --backup-name -``` ### `Microsoft.DBforPostgreSQL/flexibleServers/advancedThreatProtectionSettings/write` && `Microsoft.DBforPostgreSQL/flexibleServers/advancedThreatProtectionSettings/read` diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.md index 0c7962fd2..e080b96ed 100644 --- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.md 
+++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.md @@ -11,7 +11,7 @@ For more information about SQL Database check: ### `Microsoft.DBforMySQL/flexibleServers/read` && `Microsoft.DBforMySQL/flexibleServers/write` -With this permission, you can create, update, or delete MySQL Flexible Server instances on Azure. This includes provisioning new servers, modifying existing server configurations, or decommissioning servers. +With this permission, you can create, update, or delete MySQL Flexible Server instances on Azure. This includes provisioning new servers, modifying existing server configurations, decommissioning servers or changing the admins user's password. ```bash az mysql flexible-server create \ diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.md index 3f7be9bb4..32cff6c78 100644 --- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.md +++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.md @@ -11,7 +11,7 @@ For more information about SQL Database check: ### `Microsoft.DBforPostgreSQL/flexibleServers/read` && `Microsoft.DBforPostgreSQL/flexibleServers/write` -With this permission, you can create, update, or delete PostgreSQL Flexible Server instances on Azure. This includes provisioning new servers, modifying existing server configurations, or decommissioning servers. +With this permission, you can create, update, or delete PostgreSQL Flexible Server instances on Azure. This includes provisioning new servers, modifying existing server configurations, decommissioning servers, or change the admin user's password. ```bash az postgres flexible-server create \ 
@@ -35,7 +35,7 @@ az postgres flexible-server update \ --admin-password ``` -Furthermore, with the permissions you can enalbe the assign identity, an opertate with the managed identity attached to the server. Here you can find all the extensions that Azure PostgreSQL flexible server supports [https://learn.microsoft.com/en-us/azure/cosmos-db/postgresql/reference-extensions](https://learn.microsoft.com/en-us/azure/cosmos-db/postgresql/reference-extensions). To be able to use these extensions some server parameters (azure.extensions) need to be changed. For example here with a managed identity that can access Azure Storage: +Furthermore, with the permissions you can enable the assigned identity, and operate with the managed identity attached to the server. Here you can find all the extensions that Azure PostgreSQL flexible server supports [https://learn.microsoft.com/en-us/azure/cosmos-db/postgresql/reference-extensions](https://learn.microsoft.com/en-us/azure/cosmos-db/postgresql/reference-extensions). To be able to use these extensions some server parameters (azure.extensions) need to be changed. For example here with a managed identity that can access Azure Storage: First we change the parameters and be sure the assigned identity is enabled: ```bash diff --git a/src/pentesting-cloud/azure-security/az-services/az-mysql.md b/src/pentesting-cloud/azure-security/az-services/az-mysql.md index 7819cc0d7..88f08c70a 100644 --- a/src/pentesting-cloud/azure-security/az-services/az-mysql.md +++ b/src/pentesting-cloud/azure-security/az-services/az-mysql.md 
@@ -15,11 +15,17 @@ Azure Database for MySQL is a fully managed relational database service based on - Features elastic scaling, patch management, and workload optimization. - Offers stop/start functionality for cost savings. -### Key Features -* **Server Management**: The **ad-admin** feature allows managing Azure Entra ID administrators for MySQL servers, providing control over administrative access via Entra ID credentials. Mysql supports User Managed Identities, used to autenticate without the need of credentials, and can be used by other services. -* **Lifecycle Management**: options to start or stop a server, delete a flexible server instance, restart a server to quickly apply configuration changes, and wait to ensure a server meets specific conditions before proceeding with automation scripts. -* **Security and Networking**: Secure your server by restricting connections through firewall rules that only allow specific public IP addresses, or by using private endpoints that integrate your server into a virtual network. All connections are protected with TLS 1.2 encryption. Databases, backups, and logs are encrypted at rest by default using service-managed keys or custom keys. -* **Data Protection and Backup**: includes options to manage flexible server backups for data recovery, perform geo-restore to recover a server in a different region, export server backups for external use (in Preview), and restore a server from backup to a specific point in time. +### Security Features + +**The options are very similar to an Azure SQL Server.** + +* **Authentication**: It’s possible to configure the authentication as MySQL auth only, Entra ID auth only or both MySQL and Entra ID auth. 
+ * If MySQL auth is enabled it’ll be possible to login with username + password + * If Entrad ID is configured the MySQL requires a user-assigned MI with enough permissions mentioned **[here](https://learn.microsoft.com/en-us/azure/mysql/flexible-server/how-to-azure-ad#configure-the-microsoft-entra-admin)** and an Entra ID principal must be selected as admin. +* **Networking**: It’s possible to allow public access indicating allowed IP addresses and private endpoints can also be used. Moreover it’s possible to allow access from any Azure service and configure more firewall rules. +* **Encryption**: All connections are protected with TLS 1.2 encryption. Databases, backups, and logs are encrypted at rest by default using service-managed keys but custom keys could also be used. +* **Data Protection and Backup**: Includes options to manage flexible server backups for data recover, and restore a server from backup to a specific point in time. + ### Enumeration @@ -27,7 +33,7 @@ Azure Database for MySQL is a fully managed relational database service based on {{#tab name="az cli" }} ```bash # List all flexible-servers -az mysql flexible-server db list --resource-group +az mysql flexible-server list --resource-group # List databases in a flexible-server az mysql flexible-server db list --resource-group --server-name # Show specific details of a MySQL database diff --git a/src/pentesting-cloud/azure-security/az-services/az-queue.md b/src/pentesting-cloud/azure-security/az-services/az-queue.md index 3fbcd8fbc..49551049e 100644 --- a/src/pentesting-cloud/azure-security/az-services/az-queue.md +++ b/src/pentesting-cloud/azure-security/az-services/az-queue.md @@ -83,7 +83,7 @@ $queueMessage.Value ### Persistence {{#ref}} -../az-persistence/az-queue-persistance.md +../az-persistence/az-queue-persistence.md {{#endref}} ## References 
diff --git a/src/pentesting-cloud/azure-security/az-services/az-sql.md b/src/pentesting-cloud/azure-security/az-services/az-sql.md index ddf9e35c9..930204e65 100644 --- a/src/pentesting-cloud/azure-security/az-services/az-sql.md +++ b/src/pentesting-cloud/azure-security/az-services/az-sql.md @@ -343,7 +343,7 @@ sqlcmd -S .database.windows.net -U -P
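Review bot: The corrected link target `gcp-non-svc-persistence.md` in the SUMMARY.md hunk at @@ -142 has no matching file rename in this patch; only the Azure `az-queue-persistance.md` and `az-sql-persistance.md` renames appear further down. Unless the GCP file is renamed elsewhere, this entry will point at a file that does not exist, so either add the rename `gcp-non-svc-persistance.md` -> `gcp-non-svc-persistence.md` to the patch or keep the old path in the link until it is done.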
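Review bot: The entry `- [Az - Queue SQL Persistence](pentesting-cloud/azure-security/az-persistence/az-sql-persistence.md)` in the SUMMARY.md hunk at @@ -489 keeps a title that reads like a copy-paste of the queue entry below it; the path is now right but the page is about SQL persistence, not queues. Since the line is being touched anyway, suggest `- [Az - SQL Persistence](pentesting-cloud/azure-security/az-persistence/az-sql-persistence.md)`.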
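Review bot: Removing the whole `Microsoft.DBforMySQL/flexibleServers/backups/write` section in the az-mysql-post-exploitation.md hunk at @@ -20 is not explained anywhere in the patch; if the reason is that the permission or the `az mysql flexible-server backup create` command does not behave as described, say so in the PR description so the deletion is not reverted later. Two small things in the same hunk: the retained context line still reads `enabling or diabling security features` (`disabling`), and a blank line is removed (`-`) right before the ATP heading, so check that a blank line still separates the closing fence of the db-create block from `### Microsoft.DBforMySQL/flexibleServers/advancedThreatProtectionSettings/write`.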
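Review bot: The new `pg_azure_storage` section in the az-postgresql-post-exploitation.md hunk at @@ -9 says the extension uses the managed identity assigned to the server but leaves out the two prerequisites the cross-referenced privesc page states later in this same patch: the assigned identity has to be enabled on the server, and the extension has to be allow-listed through the `azure.extensions` server parameter. A one-line mention here would make the section usable on its own, and it tells defenders which events matter: changes to `azure.extensions` and identity assignments on Flexible Servers are the things to alert on.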
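Review bot: Same unexplained removal as in the MySQL file: the `Microsoft.DBforPostgreSQL/flexibleServers/backups/write` section is deleted in the az-postgresql-post-exploitation.md hunk at @@ -20 with no reason given in the patch. The deleted snippet was broken as written anyway (`--resource-group` has no trailing backslash, so `--backup-name` would have run as a separate shell command), which may be the motivation; if the command itself is valid, restoring the section with the backslash fixed would be better than dropping it.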
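Review bot: Grammar in the added line of the az-mysql-privesc.md hunk at @@ -11: `decommissioning servers or changing the admins user's password` should read `decommissioning servers, or changing the admin user's password`.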
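Review bot: Parallelism in the added line of the az-postgresql-privesc.md hunk at @@ -11: `decommissioning servers, or change the admin user's password` should be `or changing the admin user's password` to match the other -ing items in the list.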
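Review bot: The typo fixes in the az-postgresql-privesc.md hunk at @@ -35 are fine, but the link kept in the same sentence, `https://learn.microsoft.com/en-us/azure/cosmos-db/postgresql/reference-extensions`, is the extension reference for Azure Cosmos DB for PostgreSQL, a different product from the Azure Database for PostgreSQL Flexible Server the sentence is about. Suggest pointing at the Flexible Server extensions documentation under `azure/postgresql/flexible-server` instead, since both the supported extension list and the `azure.extensions` allow-list mechanism mentioned two sentences later are specific to Flexible Server.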
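Review bot: Typos in the added Security Features bullets of the az-mysql.md hunk at @@ -15: `If Entrad ID is configured` should be `If Entra ID is configured`, `backups for data recover` should be `data recovery`, and `login with username + password` should be `log in with username + password`. The sub-bullets also end without periods while the parent bullets have them; pick one style for the list.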
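Review bot: In the az-mysql.md hunk at @@ -27, `--resource-group` is optional for `az mysql flexible-server list` and omitting it lists every flexible server in the subscription, which is usually what an enumeration step wants; consider noting that in the comment. The fix itself is right: `az mysql flexible-server db list` lists databases and needs `--server-name`, so it could never have satisfied the `# List all flexible-servers` comment.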
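Review bot: The az-sql.md hunk at @@ -343 is cut off after its header in this view, so the change to the `sqlcmd` line cannot be reviewed here. Given the `az-sql-persistance.md` -> `az-sql-persistence.md` rename in this patch, please also confirm that the `{{#ref}}` in az-sql.md pointing at the SQL persistence page was updated the same way az-queue.md's was in the @@ -83 hunk, otherwise that cross-reference will break.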