XM Goat is composed of XM Cyber terraform templates that help you learn about common Azure security issues. Each template is a vulnerable environment, with some significant misconfigurations. Your job is to attack and compromise the environments.
Link: https://github.com/XMCyber/XMGoat
Link: https://www.secura.com/blog/broken-azure-cloud
Identity lab supporting Azure AD and Active Directory enterprise deployment with SIEM in Azure. Easily build your own Pentest / Red Team / Cyber Range in Azure cloud. PurpleCloud was created as a platform for researching Azure Identity. This repository contains python scripts that function as Terraform code generators for different use cases. Each script creates independent resources that don't depend on the others.
Link: https://www.purplecloud.network/
This is a vulnerable-by-design Azure lab containing 2 x attack paths with common misconfigurations. These vulnerabilities are intended to represent those found in live production environments and the attack vectors are intended to be as realistic as possible to real Threat Actors TTPs. If you would like to see what detections and alerts these attack path vectors are causing, I recommend signing up for a Microsoft E5 trial which has Microsoft Defender for Cloud and Azure AD premium P2 plan. Links for signing up to an Azure Developer account can be found in the resources.txt file.
Link: https://github.com/mandiant/Azure_Workshop