Hello World
Whoami
Pentest
Cloud
Antivirus Evasion - Defender
EDR BYPASS
Red Team
CTF

Powered by GitBook

On this page

Windows server AD vs Azure AD
MindMap
Kill Chain
OSINT
Azure Blob Container
From on-prem AD
Bruteforce O365
Misconfiguration
Maester
Nuclei Templates
Monkey365
ScubaGear
BlueMap
AzureRT - A Powershell module implementing various Azure Red Team tactics
MicroBurst - A PowerShell Toolkit for Attacking Azure
ROADtools
PowerZure
MicroBurst
Resources

Was this helpful?

Azure

PreviousSSRF / RCE NextAWS

Last updated 8 days ago

Windows server AD vs Azure AD

Windows Server AD

Azure AD

LDAP

Rest APIs

NTLM

OAuth/SAML

Kerberos

OpenID

OU Tree

Flat Structure

Domains and Forests

Tenants

Trusts

Guests

MindMap

Kill Chain

OSINT

https://aadinternals.com/talks/DEFCON31_Azure%20AD%20OSINT.pdf

Azure Blob Container

From on-prem AD

Azure AD / Entra ID

Bruteforce O365

O365 Bruteforce

Misconfiguration

Maester

Nuclei Templates

Monkey365

ScubaGear

BlueMap

AzureRT - A Powershell module implementing various Azure Red Team tactics

MicroBurst - A PowerShell Toolkit for Attacking Azure

ROADtools

PowerZure

MicroBurst

Resources

azure-mindmap/img/preview.png at main · matro7sh/azure-mindmapGitHub

GitHub - synacktiv/Mindmaps: Azure mindmap for penetration testsGitHub

Azure Blob Container to Intial AccessMedium

Azure Security Tools 01: MaesterMedium

Azure Config Review - Nuclei Templates v10.0.0 🎉ProjectDiscovery Blog

GitHub - silverhack/monkey365: Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews.GitHub

GitHub - cisagov/ScubaGear: Automation to assess the state of your M365 tenant against CISA's baselinesGitHub

GitHub - SikretaLabs/BlueMap: A Azure Exploitation Toolkit for Red Team & PentestersGitHub

GitHub - mgeeky/AzureRT: AzureRT - A Powershell module implementing various Azure Red Team tacticsGitHub

GitHub - NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure securityGitHub

GitHub - NetSPI/MicroBurst: A collection of scripts for assessing Microsoft Azure securityGitHub

GitHub - dirkjanm/ROADtools: The Azure AD exploration framework.GitHub

GitHub - hausec/PowerZure: PowerShell framework to assess Azure securityGitHub

GitHub - Kyuu-Ji/Awesome-Azure-Pentest: A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.GitHub

Azure AD introduction for red teamersSynacktiv

Abusing Managed Identities - Hacking The Cloud

5 outils pour réaliser un audit de son tenant Microsoft 365IT-Connect

GitHub - cr4ck3rj4ck5/Azure-Pentest-Toolkit: This repository contains a framework of curated Azure penetration testing tools that are specifically designed to help you identify and mitigate security vulnerabilities in Azure cloud environments.GitHub

Azure PentestingHackTricks Cloud

GitHub - merill/awesome-entra: 😎 Awesome list of all things related to Microsoft EntraGitHub