Welcome to the Azure Cloud Security Capture The Flag (CTF) challenges at Hackfest 2.0, a 7-day hackathon organized by cyberEyes & CSK. This event is designed to test and improve your Azure cloud security skills through real-world security misconfigurations and threats.
Each challenge will be designed as a flag-based security challenge where participants need to complete a task and retrieve a "flag" (a hidden code or phrase). Flags will be stored in secure locations that participants can only access after properly securing or exploiting the system.
Each challenge is assigned a difficulty level:
- 🟢 Beginner (100 points)
- 🔵 Intermediate (200 points)
- 🔴 Advanced (300+ points)
The first team to submit a correct flag earns extra bonus points (+50). The leaderboard updates in real time based on completed challenges.
The challenges are based on real-world scenarios and cover a wide range of Azure security topics, including:
✅ Storage Security – Misconfigured storage accounts, public access, and SAS token exploitation.
✅ Identity & Access Management (IAM) – Azure AD misconfigurations, role assignments, and privilege escalation.
✅ Network Security – Exposed virtual machines, firewall bypass, and NSG misconfigurations.
✅ CI/CD Security – Secure DevOps pipelines, misconfigured secrets, and container security.
✅ Logging & Monitoring – Defender for Cloud, Azure Monitor logs, and security alerts.
🚀 Challenge 1: Exposed Storage - Retrieve the Secret (100 Points)
🔹 A misconfigured Azure Storage Account exposes sensitive information.
🔹 Find the publicly accessible file and extract the hidden flag from metadata.
🔹 Secure the storage account to prevent unauthorized access.
🔹 Identify overprivileged Azure AD roles that allow privilege escalation.
🔹 Exploit a misconfigured service principal to gain elevated access.
🔹 Secure the identity permissions to prevent further exploitation.
🔹 Bypass weak Network Security Group (NSG) rules to access a restricted VM.
🔹 Identify an exposed RDP/SSH service and gain access.
🔹 Implement firewall rules to harden the network.
🔹 Discover hardcoded secrets in a DevOps pipeline.
🔹 Exploit weak security configurations in Azure DevOps/GitHub Actions.
🔹 Secure the pipeline by implementing secrets management best practices.
🔹 Analyze Azure Monitor Logs and Defender for Cloud alerts.
🔹 Investigate a simulated attack and find the attacker’s origin.
🔹 Implement detection rules to prevent similar incidents.
Before attempting the challenge, you should be familiar with:
- Azure Storage Accounts
- Azure Active Directory (Azure AD)
- Azure Networking (NSGs, Firewalls)
- Azure DevOps & CI/CD Security
- Azure Monitor & Defender for Cloud
To complete these challenges, follow the instructions for each challenge and submit:
✅ The correct flag (CTF{...}).
✅ Screenshots, logs, or files documenting the steps taken and the security fixes applied.
✅ (Bonus) Any items requested in the additional instructions.
Want to add your own challenge? Feel free to fork this repo and create a pull request with your challenge idea!
Follow us on LinkedIn-cyber eyes and join the LinkedIn-CSK community for updates, discussions, and security tips!
🔹 Happy Hacking! 🔹 🔹 Cloud security! 🔹
- prepared by $!rronn3y courtesy of @cyberEyes @CSK