Home

Posts

  • Jun 11, 2026

    Building a Linux Workstation for Azure and Entra ID Pentesting

    Most people meet Azure security through the portal. You click around, read some role assignments, maybe run a few az commands, and it can feel like the whole job lives in a browser tab. It doesn’t. The minute you move past clicking and start dealing with tokens, Graph calls, refresh flows, and scripted enumeration, you want a real workstation behind you.

    I came to cloud security from the on-prem side, where my comfort zone was Active Directory and network attacks. Standing up a proper Linux box for Azure and Entra work turned out to be one of the better moves I made in that transition, and not really for the reasons people usually list. So let me explain the reasons that actually held up, and then walk through what goes on the machine.

    One thing first: this is not Linux versus Microsoft tooling. Half of what I run on this box is Microsoft’s own PowerShell modules. Linux is the base I drive everything from, not a replacement for any of it.

    Read more →

subscribe via RSS