51 lines
1.6 KiB
Markdown
51 lines
1.6 KiB
Markdown
|
|
## Azure-related penetration testing scripts, tools and Cheatsheets
|
|
|
|
- [**`Azure Roles`**](https://github.com/mgeeky/Penetration-Testing-Tools/blob/master/clouds/azure/Azure%20Roles/README.md) - All Azure RBAC and Azure AD Role Definitions, along with their permissions associated listed in a handy markdown report.
|
|
|
|
- **`AzureRT`** - Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, easily switching from `Az` to `AzureAD` and `az cli` interfaces, easy to use pre-made attacks such as Runbook-based command execution and more.
|
|
|
|
Authentication & Token mechanics:
|
|
|
|
- *`Get-ARTWhoami`*
|
|
- *`Connect-ART`*
|
|
- *`Connect-ARTAD`*
|
|
- *`Connect-ARTADServicePrincipal`*
|
|
- *`Get-ARTAccessTokenAzCli`*
|
|
- *`Get-ARTAccessTokenAz`*
|
|
- *`Get-ARTAccessTokenAzureAD`*
|
|
- *`Parse-JWTtokenRT`*
|
|
- *`Remove-ARTServicePrincipalKey`*
|
|
|
|
Recon and Situational Awareness:
|
|
|
|
- *`Get-ARTAccess`*
|
|
- *`Get-ARTADAccess`*
|
|
- *`Get-ARTDangerousPermissions`*
|
|
- *`Get-ARTADScopedRoleAssignment`*
|
|
- *`Get-ARTResource`*
|
|
- *`Get-ARTRolePermissions`*
|
|
- *`Get-ARTADRolePermissions`*
|
|
- *`Get-ARTRoleAssignment`*
|
|
- *`Get-ARTKeyVaultSecrets`*
|
|
- *`Get-ARTAutomationRunbookCode`*
|
|
- *`Get-ARTAzureVMPublicIP`*
|
|
|
|
Privilege Escalation:
|
|
|
|
- *`Add-ARTUserToGroup`*
|
|
- *`Add-ARTUserToRole`*
|
|
- *`Add-ARTADAppSecret`*
|
|
|
|
Lateral Movement:
|
|
|
|
- *`Invoke-ARTAutomationRunbook`*
|
|
- *`Invoke-ARTRunCommand`*
|
|
|
|
Misc:
|
|
|
|
- *`Get-ARTUserId`*
|
|
- *`Get-ARTSubscriptionId`*
|
|
- *`Parse-JWTtokenRT`*
|
|
- *`Invoke-ARTGETRequest`*
|