Azure Penetration Testing Learning Roadmap

Start Here
|
+- [?] Complete SC-900: Microsoft Security, Compliance, and Identity Fundamentals
|
+- [?] Finish PwnedLabs Hands-On Labs
|   |
|   +- [✗] Azure Blob Container to Initial Access
|   +- [✗] Intro to Azure Recon with BloodHound
|   +- [✗] Unlock Access with Azure Key Vault
|   +- [✗] Loot Exchange, Teams, and SharePoint with GraphRunner
|   +- [✗] Unmask Privileged Access in Azure
|   +- [✗] Azure Recon to Foothold and Profit
|   +- [✗] Bypass Azure Web App Authentication with Path Traversal
|   +- [ ] Execute Azure Credential Shuffle to Achieve Objectives
|   +- [ ] Phished for Initial Access
|   +- [ ] Exploit SQL Injection in Azure Function App
|   +- [ ] Passwordless Credentials for Access and Escalation
|   +- [ ] Abuse Dynamic Groups in Entra ID for Privilege Escalation
|   +- [ ] Bypass Azure MFA with Evilginx
|
+- [?] Read "Penetration Testing Azure for Ethical Hackers"
|
+- [ ] Pursue Additional Certifications
|   |
|   +- [ ] AZ-104: Microsoft Azure Administrator
|   +- [ ] AZ-500: Microsoft Azure Security Technologies
|   +- [ ] AZ-303/304: Microsoft Azure Architect Technologies/Design
|
+- [ ] Pursue Pentest Practical Certifications
|   |
|   +- [?] CARTP - Altered Security
|   +- [ ] Attacking and Defending Azure & M365 - XINTRA
|   +- [ ] MCRTP - PwnedLabs
|
+- [✗] Build Your Portfolio
|
+- [ ] Interview Preparation

[?] - In Progress
[✗] - Completed
[ ] - Pending