Exploiting and defending anonymous access in Azure

Azure Blob Storage Container

Blob storage container access levels

Azure Container Registry

Anonymous pull access enabled
Credential hunting in container images

Protecting Anonymous Access in Azure

BlobHunter authenticated audit of anonymous blob containers and objects
Disable blob public access on a resource level
Disable blob public access using Azure policy
config from cloud.resource where cloud.type = 'azure' AND api.name = 'azure-container-registry' AND json.rule = anonymousPullEnabled equals true

Author of 2 books on Azure cloud security — https://amzn.to/2Vt0Jjx. I also deliver beginner 2 advanced level Azure security training 2 organizations. Reach out

David Okeyode (MVP)
