megacorp.icuand set a vulnerable subdomain pointing to Azure Apps. Specifically:
myvulnerableapp.azurewebsites.net. Azure websites are not the only Azure App domain extension, the ones I generally look out for (when it comes to Azure Apps specifically) are:
myvulnerableappis not registered in Azure Apps.
cdinto it, and edit the
application.pyfile (with the code from my GitHub):