megacorp.icu
and set a vulnerable subdomain pointing to Azure Apps. Specifically: myvulnerableapp.azurewebsites.net
. Azure websites are not the only Azure App domain extension, the ones I generally look out for (when it comes to Azure Apps specifically) are:myvulnerableapp
is not registered in Azure Apps.cd
into it, and edit the application.py
file (with the code from my GitHub):urllib2
to the requirements.txt
file: