Discover Azure public IP address ranges




As an Azure penetration tester, you should attempt to discover resources that are available within an organization’s Azure Infrastructure-as-a-Service (IaaS) environment, and their attack surface area, by scanning the environment’s assigned public IP addresses from the internet.

For an approved engagement, an organization will most likely provide you with the current list of allocated public IP addresses in their Azure subscriptions to ensure that you do not impact other Azure customers.
You can ask them to obtain this list by running the following commands using the Azure CLI or the Az PowerShell module for each of their subscriptions.


Understanding of how Azure functions as a platform

Learning Outcome

– Access to Azure public Cloud by command line


  • For the Azure CLI, run the following command:
    az network public-ip list –query ‘[].[name, ipAddress,publicIpAllocationMethod]’ -o table
  • For the Az PowerShell module, run the following command
    Get-AzPublicIpAddress | Select Name,IpAddress,PublicIpAllocationMethod
  • Do not scan the addresses without the written legal permission of the assigned owner.
Assignment submission instructions:

Click the button below to record your screen and proceed with the exercise.

Please make sure your video is less than 3 min long.

Stop recording and click the “submit” button in the window below.

Open chat
Hello 👋.
Tell me, how can I help you?