Azure

Azure Pentesting

Azure AD / Entra ID

Windows server AD vs Azure AD

Azure AD introduction for red teamersSynacktiv

Windows Server AD	Azure AD
LDAP	Rest APIs
NTLM	OAuth/SAML
Kerberos	OpenID
OU Tree	Flat Structure
Domains and Forests	Tenants
Trusts	Guests

MindMap

GitHub - synacktiv/Mindmaps: Azure mindmap for penetration testsGitHub

azure-mindmap/img/preview.png at main · matro7sh/azure-mindmapGitHub

MSFTRecon

Comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack vectors.

GitHub - Arcanum-Sec/msftreconGitHub

Kill Chain

AAD Kill chain

OSINT

Azure OSINT

OSINT

https://aadinternals.com/talks/DEFCON31_Azure%20AD%20OSINT.pdf

Azure Blob Container

Azure Blob Container to Intial AccessMedium

Subdomain Enum

GitHub - NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure securityGitHub

PS C:\mcrtp_bootcamp_tools\Microburst> Import-Module .\MicroBurst.psm1

PS C:\mcrtp_bootcamp_tools\Microburst> Invoke-EnumerateAzureSubDomains -Base megabigtech -Verbose

Azure Recon to FootholdMedium

GitHub - yuyudhn/AzSubEnum: Azure Service Subdomain EnumerationGitHub

From on-prem AD

Azure AD / Entra ID

Bruteforce O365

O365 Bruteforce

MFA enabled ?

GitHub - dafthack/MFASweep: A tool for checking if MFA is enabled on multiple Microsoft ServicesGitHub

O365 Script

GitHub - admindroid-community/powershell-scripts: Office 365 Reporting PowerShell ScriptsGitHub

M365AdminAccessReviewer

GitHub - notEricaZelic/M365AdminAccessReviewer: Shows which M365 Objects have Privileged Access and what type (i.e. PIM, Direct, Currently Elevated)GitHub

Roadrecon

pipx install roadrecon

Azure Recon to FootholdMedium

Misconfiguration

Maester

Azure Security Tools 01: MaesterMedium

Nuclei Templates

Azure Config Review - Nuclei Templates v10.0.0 🎉ProjectDiscovery Blog

Monkey365

GitHub - silverhack/monkey365: Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews.GitHub

ScubaGear

GitHub - cisagov/ScubaGear: Automation to assess the state of your M365 tenant against CISA's baselinesGitHub

IAM Privilege Escalation Identification Tool

GitHub - tenable/EscalateGPT: An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.GitHub

BlueMap

GitHub - SikretaLabs/BlueMap: A Azure Exploitation Toolkit for Red Team & PentestersGitHub

AzureRT - A Powershell module implementing various Azure Red Team tactics

GitHub - mgeeky/AzureRT: AzureRT - A Powershell module implementing various Azure Red Team tacticsGitHub

MicroBurst - A PowerShell Toolkit for Attacking Azure

GitHub - NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure securityGitHub

ROADtools

GitHub - dirkjanm/ROADtools: The Azure AD exploration framework.GitHub

APEX

GitHub - LuemmelSec/APEX: Azure Post Exploitation FrameworkGitHub

PowerZure

GitHub - hausec/PowerZure: PowerShell framework to assess Azure securityGitHub

MicroBurst

GitHub - NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure securityGitHub

Post Exploitation

Azure AD / Entra ID

Interesting Book

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

• Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments A comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies large and small.

Interesting Books

Resources

Azure AD introduction for red teamersSynacktiv

GitHub - Kyuu-Ji/Awesome-Azure-Pentest: A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.GitHub

Azure PentestingHackTricks Cloud

Abusing Managed Identities - Hacking The Cloud

5 outils pour réaliser un audit de son tenant Microsoft 365IT-Connect

GitHub - cr4ck3rj4ck5/Azure-Pentest-Toolkit: This repository contains a framework of curated Azure penetration testing tools that are specifically designed to help you identify and mitigate security vulnerabilities in Azure cloud environments.GitHub

GitHub - merill/awesome-entra: 😎 Awesome list of all things related to Microsoft EntraGitHub

Support this Gitbook

I hope it helps you as much as it has helped me. If you can support me in any way, I would deeply appreciate it.