7a2598eedc | ||
---|---|---|
.. | ||
Azure Roles | ||
AzureRT@3ba36f9ed7 | ||
README.md |
README.md
Azure-related penetration testing scripts, tools and Cheatsheets
-
Azure Roles
- All Azure RBAC and Azure AD Role Definitions, along with their permissions associated listed in a handy markdown report. -
AzureRT
- Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with access token based authentication, easily switching fromAz
toAzureAD
andaz cli
interfaces, easy to use pre-made attacks such as Runbook-based command execution and more.Authentication & Token mechanics:
Get-ARTWhoami
Connect-ART
Connect-ARTAD
Connect-ARTADServicePrincipal
Get-ARTAccessTokenAzCli
Get-ARTAccessTokenAz
Get-ARTAccessTokenAzureAD
Parse-JWTtokenRT
Remove-ARTServicePrincipalKey
Recon and Situational Awareness:
Get-ARTAccess
Get-ARTADAccess
Get-ARTDangerousPermissions
Get-ARTResource
Get-ARTRolePermissions
Get-ARTADRolePermissions
Get-ARTRoleAssignment
Get-ARTKeyVaultSecrets
Get-ARTAutomationRunbookCode
Get-ARTAzureVMPublicIP
Privilege Escalation:
Add-ARTUserToGroup
Add-ARTUserToRole
Add-ARTADAppSecret
Lateral Movement:
Invoke-ARTAutomationRunbook
Invoke-ARTRunCommand
Misc:
Get-ARTUserId
Get-ARTSubscriptionId
Parse-JWTtokenRT
Invoke-ARTGETRequest