Azure is by default available to every user in the organization. Clients who for instance have Office 365 oftenly haven't set up any conditional access policy to prevent users from logging in to the Azure portal and retrieve every user, role or group. Most of the organizations neither monitor what users are doing in the Azure portal either. So, what if you have a user account in a tenant? What is there to explore and how can we exploit even (default) misconfigurations.
SecureHacks is a project existing out of PowerShell, Azure CLI and maybe Python scripts for discovery of vulnerabilities in Azure & Azure AD. Purpose is to create scripts than can be used from any machine, without any flags being triggered by defender or other security tools.
In the documentation an overview of build-in commands can be found for enummeration of accounts, groups, roles, resources, devices etc.
Maybe this project will be extended with files, policies, kusto queries etc. for detecting and remidiating the discoveries.
WARNING! The code is for Proof of Concept only and should not be used in production without explict approval of the owner.
- Access to an Azure (AD) environment
- User Account