We created this beginner-friendly lab to showcase how both attackers and defenders can use BloodHound and the AzureHound collector to better understand Azure environments and the potentially abusable relationships and attack paths that may exist. You'll get hands-on experience with BloodHound, as well as enumerating custom security attributes and virtual machine user data using the command line and the Azure portal.

After discovering that a public company GitHub repository contained accidentally committed credentials, Mega Big Tech has requested us to investigate the extent of potential exposure. They want to determine if these credentials can be used to access their cloud environment and if any confidential data is at risk.

• Basic Windows command line knowledge

• Setting up BloodHound
• Collecting Azure data using AzureHound
• Using BloodHound to get situational awareness
• Enumerating custom security attributes using PowerShell
• Accessing credentials in virtual machine user data

Gaining situational awareness of a network is vital for defenders. Tools like BloodHound offer a visual representation of Azure relationships and permissions, helping defenders identify potential attack paths, over-permissive configurations, and simulate attacker reconnaissance. This insight and purple team approach enables proactive defense and reduces the attack surface.