# Cloud

- [Kubernetes](/pentesting-notes/cloud/kubernetes.md)
- [Azure](/pentesting-notes/cloud/azure.md)
- [Architecture](/pentesting-notes/cloud/azure/architecture.md)
- [RBAC & ABAC roles](/pentesting-notes/cloud/azure/architecture/rbac-and-abac-roles.md)
- [Entra ID roles](/pentesting-notes/cloud/azure/architecture/entra-id-roles.md)
- [Entra ID - Authentication with OAuth and API's](/pentesting-notes/cloud/azure/architecture/entra-id-authentication-with-oauth-and-apis.md)
- [Consent and Permissions](/pentesting-notes/cloud/azure/architecture/consent-and-permissions.md)
- [Service Discovery, Recon, Enumeration and Initial Access Attacks](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks.md)
- [Unauthenticated Recon](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/unauthenticated-recon.md)
- [Password Spraying](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/password-spraying.md)
- [Azure App Service](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/azure-app-service.md)
- [Azure Blob Storage](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/azure-blob-storage.md)
- [Phishing with Evilginx](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/phishing-with-evilginx.md)
- [Conditional Access](/pentesting-notes/cloud/azure/service-discovery-recon-enumeration-and-initial-access-attacks/conditional-access.md)
- [Authenticated Enumeration](/pentesting-notes/cloud/azure/authenticated-enumeration.md)
- [ROADTools](/pentesting-notes/cloud/azure/authenticated-enumeration/roadtools.md)
- [BloodHound & AzureHound](/pentesting-notes/cloud/azure/authenticated-enumeration/bloodhound-and-azurehound.md)
- [Storage Accounts (database)](/pentesting-notes/cloud/azure/authenticated-enumeration/storage-accounts-database.md)
- [MFASweep](/pentesting-notes/cloud/azure/authenticated-enumeration/mfasweep.md)
- [GraphRunner](/pentesting-notes/cloud/azure/authenticated-enumeration/graphrunner.md)
- [Azure SQL databases](/pentesting-notes/cloud/azure/authenticated-enumeration/azure-sql-databases.md)
- [Privilege Escalation](/pentesting-notes/cloud/azure/privilege-escalation.md)
- [Illicit Consent Grant](/pentesting-notes/cloud/azure/privilege-escalation/illicit-consent-grant.md)
- [Macro enabled Word-files (Revshell)](/pentesting-notes/cloud/azure/privilege-escalation/macro-enabled-word-files-revshell.md)
- [Add secrets to app](/pentesting-notes/cloud/azure/privilege-escalation/add-secrets-to-app.md)
- [Automation Accounts & Function Apps](/pentesting-notes/cloud/azure/privilege-escalation/automation-accounts-and-function-apps.md)
- [Virtual Machines](/pentesting-notes/cloud/azure/privilege-escalation/virtual-machines.md)
- [Key Vault](/pentesting-notes/cloud/azure/privilege-escalation/key-vault.md)
- [ARM Deployment History](/pentesting-notes/cloud/azure/privilege-escalation/arm-deployment-history.md)
- [Enterprise Application / Service Principal](/pentesting-notes/cloud/azure/privilege-escalation/enterprise-application-service-principal.md)
- [Lateral Movement](/pentesting-notes/cloud/azure/lateral-movement.md)
- [Entra ID Devices & Primary Refresh Tokens](/pentesting-notes/cloud/azure/lateral-movement/entra-id-devices-and-primary-refresh-tokens.md)
- [Dynamic Groups](/pentesting-notes/cloud/azure/lateral-movement/dynamic-groups.md)
- [Application Proxy](/pentesting-notes/cloud/azure/lateral-movement/application-proxy.md)
- [Hybrid Identity](/pentesting-notes/cloud/azure/lateral-movement/hybrid-identity.md)