Thomas Elling
Thomas Elling is the Director of Azure/Entra ID Cloud Pentesting and a security researcher at NetSPI. He specializes in web application and cloud security testing. He has advised multiple Fortune 500 companies in the technology sector. In his spare time, Thomas enjoys improving his coding skills, watching bad action movies, and hanging out with his dog, Chunks.
Session
The increase in hybrid cloud adoption over the last decade has extended traditional Active Directory domain environments into the Azure (and Entra ID) cloud. During that time, penetration tests and red team assessments have also been bringing Azure tenants into engagement scopes. Less experienced testers are often finding themselves with an initial foothold in Azure, but lacking in experience on what an escalation path would look like. This talk will cover all the steps along the way from initial access through persistence.
Attendees should walk away with some new techniques, along with a handful of potential escalation paths for furthering access in an Azure tenant. In addition to this, we will cover some techniques for maintaining privileged access after an initial escalation. Finally, we will be introducing a new resource for identifying attack paths for specific Azure services.