A deliberately vulnerable Azure environment designed to practice and train cloud security skills through hands-on exploitation of real Azure vulnerabilities.
A broken-by-design Azure environment to practice and train security skills in the cloud domain.
This tool is used by security professionals, cloud engineers, and learners to gain practical experience in identifying and exploiting misconfigurations and vulnerabilities within Azure cloud environments. It provides a safe, controlled environment with embedded challenges and flags to enhance cloud security training and assessment.
Ensure 'Security defaults' are disabled in Azure to avoid mandatory MFA on the DevOps user. Certificates provided are valid until 2032 but can be regenerated as needed. The environment includes known issues such as DevOps user profile modifications and potential information leakage, with suggested mitigations like periodic password resets and environment resets. Proper registration of Azure providers is required to avoid deployment errors.
Install Azure CLI and ensure it is in your $PATH
Install Terraform and ensure it is in your $PATH
Install SQL Command Line tools and ensure they are in your $PATH
Install Azure Functions Core Tools and ensure they are in your $PATH
Install OpenVPN to complete the challenges
Install sshpass and ensure it is in your $PATH
Log in to Azure using 'az login'
Verify validity of certificates 'files/key.pem' and 'files/cert.pem' (valid until 2032)
Run 'terraform init' to install required providers
Optionally run 'terraform plan' to preview changes
az login
Authenticate to Azure CLI to enable deployment and management of Azure resources.
terraform init
Initialize Terraform and download required providers for the deployment.
terraform plan
Preview the changes Terraform will apply to the Azure environment.
terraform apply
Deploy the vulnerable Azure environment as defined by the Terraform scripts.
terraform destroy
Remove all deployed resources and destroy the environment.
az provider register --namespace Microsoft.Sql
Register the Azure subscription to use Microsoft.Sql namespace if not already registered.
az provider register --namespace Microsoft.Web
Register the Azure subscription to use Microsoft.Web namespace if not already registered.
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
Generate new certificates required for the environment, including embedding Azure tenant and app IDs.
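The prerequisites, certificate check and provider registrations listed above can be verified in one pass before running 'terraform apply'. The script below is an added example, not part of the project; the binary names (sqlcmd for the SQL Command Line tools, func for Azure Functions Core Tools) and the 30-day validity margin are assumptions.

```shell
#!/bin/sh
# Added example (not from the project): preflight checks before 'terraform apply'.
# Assumption: each prerequisite is installed under its usual binary name.
REQUIRED_TOOLS="az terraform sqlcmd func openvpn sshpass openssl"

# Print every tool in the argument list that is not on $PATH.
missing_tools() {
  for t in "$@"; do
    command -v "$t" >/dev/null 2>&1 || printf '%s\n' "$t"
  done
}

# Succeed only if the certificate parses, remains valid for at least
# min_days more days, and the private key matches its public key.
cert_ok() {
  cert=$1 key=$2 min_days=${3:-30}
  openssl x509 -in "$cert" -noout -checkend $((min_days * 86400)) >/dev/null 2>&1 || return 1
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 1
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Print each namespace whose registrationState is not "Registered".
# Requires a prior 'az login'.
unregistered_providers() {
  for ns in "$@"; do
    state=$(az provider show --namespace "$ns" --query registrationState -o tsv 2>/dev/null) || state=unknown
    [ "$state" = "Registered" ] || printf '%s\n' "$ns"
  done
}

# Run all checks from the repository root; non-zero exit if any fails.
preflight() {
  rc=0
  miss=$(missing_tools $REQUIRED_TOOLS)
  [ -z "$miss" ] || { echo "not on PATH:" $miss >&2; rc=1; }
  cert_ok files/cert.pem files/key.pem 30 ||
    { echo "files/cert.pem is expired, expiring, or does not match files/key.pem" >&2; rc=1; }
  unreg=$(unregistered_providers Microsoft.Sql Microsoft.Web)
  [ -z "$unreg" ] || { echo "unregistered providers:" $unreg >&2; rc=1; }
  return $rc
}

# Only run when asked, so the functions can also be sourced.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Invoke the script with --run from the directory that contains 'files/'; the key-match check also catches a regenerated cert.pem left beside an old key.pem.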