hacky business
What do other people do when pentesting against Azure beyond password spray attacks?
I do sprays, and certainly scan any available IPs, but if serverless... webapp scanning is all that is really left I think.
Attack the endpoints, attack the app interfaces...
Follow
🇳🇱
hacky business
@thegibson I usually just let a monkey loose in the server room and see what happens.
