# Cloud Pentesting

# Azure Penetration Testing Learning Roadmap

#### ![](https://geps.dev/progress/70) **Complete SC-900: Microsoft Security, Compliance, and Identity Fundamentals**

#### ![](https://geps.dev/progress/60)  **Finish PwnedLabs Hands-On Labs**

- [x] Azure Blob Container to Initial Access
- [x] Intro to Azure Recon with BloodHound
- [x] Unlock Access with Azure Key Vault
- [x] Loot Exchange, Teams, and SharePoint with GraphRunner
- [x] Unmask Privileged Access in Azure
- [x] Azure Recon to Foothold and Profit
- [x] Bypass Azure Web App Authentication with Path Traversal
- [ ] Execute Azure Credential Shuffle to Achieve Objectives
- [ ] Phished for Initial Access
- [ ] Exploit SQL Injection in Azure Function App
- [ ] Passwordless Credentials for Access and Escalation
- [ ] Abuse Dynamic Groups in Entra ID for Privilege Escalation
- [ ] Bypass Azure MFA with Evilginx

#### ![](https://geps.dev/progress/30) **Read "Penetration Testing Azure for Ethical Hackers"**

#### ![](https://geps.dev/progress/0) **Pursue Additional Certifications**

- [ ] AZ-104: Microsoft Azure Administrator
- [ ] AZ-500: Microsoft Azure Security Technologies
- [ ] AZ-303/304: Microsoft Azure Architect Technologies/Design
  
#### ![](https://geps.dev/progress/40) **Pursue Pentest Practical Certifications**


- [ ] CARTP - Altered Security
- [ ] Attacking and Defending Azure & M365 - XINTRA
- [ ] MCRTP - PwnedLabs
- [x] Build Your Portfolio

#### ![](https://geps.dev/progress/10) **Interview Preparation**