Block All Exportable Certificates via Policy
In an earlier blog, a simple PowerShell script was provided that allows all certificates within all Key Vaults to be dumped as PKCS#12 files. In theory, a simple fix for this is to create and apply a policy to block all Exportable Certificates via Policy – Using Azure policy, you can create a policy
Attacking Azure Key Vault for Fun
In an earlier blog, we described how Azure Key Vault allows exporting of the key material of certificates by default in most scenarios. So how can we go about exploiting this? The first and most obvious way is to enumerate all Azure Key Vaults that you have access to and simply dumping the keys out. [&helli
Introduction to Azure Key Vault
Azure Key Vault Azure Key Vault is a cloud service provided by Microsoft Azure that helps safeguard cryptographic keys and secrets used by cloud applications and services. Key Vault helps provide three main services, which can be accessed programmatically through APIs and includes Secret, Key and Certificat