Skip to content

badchars/AzureAD-Pentest

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

65 Commits
Objectives
Objectives
 
 
img
img
 
 
AZ CLI.md
AZ CLI.md
 
 
Authenticated Enumeration.md
Authenticated Enumeration.md
 
 
Az PowerShell.md
Az PowerShell.md
 
 
AzureAD.md
AzureAD.md
 
 
Commands.md
Commands.md
 
 
Enumeration.md
Enumeration.md
 
 
Execute Command On VMs.md
Execute Command On VMs.md
 
 
Illicit Consent Grant Attack.md
Illicit Consent Grant Attack.md
 
 
Initial Access - File Upload.md
Initial Access - File Upload.md
 
 
Initial Access - OS Command Injection.md
Initial Access - OS Command Injection.md
 
 
Initial Access - SSTI.md
Initial Access - SSTI.md
 
 
Insecure Storage Blobs.md
Insecure Storage Blobs.md
 
 
Kill Chain 1.md
Kill Chain 1.md
 
 
Kill Chain 2.md
Kill Chain 2.md
 
 
Kill Chain 3.md
Kill Chain 3.md
 
 
Kill Chain 4.md
Kill Chain 4.md
 
 
README.md
README.md
 
 

Repository files navigation

README

Topics_Covered

  1. Introduction to Azure AD (AAD)
    • Azure Services - Categories
    • Architecture
      • Management Groups
      • Subscriptions
      • Resource Groups and Resources
      • Managed Identity
      • Azure Resource Manager (ARM)
        • Azure AD vs Azure
        • Azure AD vs On-Prem AD
      • Azure RBAC Roles
        • RBAC Assignment
        • ABAC
    • Tools
  2. Discovery and Recon
    • Azure Tenant
    • Email IDs
    • Azure Services
    • Default User Permissions
    • AzureAD Module
    • Az Powershell
    • Azure CLI (az cli)
    • Authentication and APIs
      • OAuth and OIDC
      • Using Tokens with CLI Tools
        • Using and Stealing Tokens with Az PowerShell
        • Using and Stealing Tokens with Az CLI
        • Using Tokens with APIs - ARM
        • Using Tokens with APIs - MS Graph
    • Enumeration
      • ROADTools
      • StormSpotter
      • BloodHound
    • Consent and Permissions
    • Illicit Consent Grant Attack
  3. Azure App Service
    • App Service Abuse
      • Insecure File Upload
      • Server Side Template Injection
      • OS Command Injection
    • Function App Abuse
    • Azure Blob Storage
      • Storage Explorer
      • Anonymous Access Abuse
    • Automation Account
      • Run As Account
      • Runbook
      • Hybrid Worker
    • Key Vault
    • Enterprise Applications
      • Client Secrets Abuse
      • ARM Templates History
    • Azure VMs
      • User Data Abuse
      • Custom Script Extension Abuse
      • Hybrid Join
    • Primary Refresh Token (PRT)
      • Pass-the-PRT
    • Device Management
      • Intune - Cloud to On-Prem
    • Dynamic Groups Abuse
    • Application Proxy Abuse
      • Application Proxy Cloud to On-Prem
    • Hybrid Identity
      • Azure AD Connect
        • PHS (Password Hash Sync) Abuse
        • Pass-Through AuthN (PTA) Abuse
        • Federation ADFS
    • Persistence
      • Hybrid Identity - On-Prem to Cloud
      • Federation - Trusted Domain
      • Federation - Token Signing Certificate
      • Storage Account Access Keys
      • Applications and Service Principals
      • Illicit Consent Grant
      • Azure VMs and NSGs
      • Custom Azure AD Roles
      • Deployment Modification
    • Azure Security
      • Operations
      • Identity and Access Management (IAM)
        • MFA
        • Security Defaults
        • Conditional Access
        • Privileged Identity Management (PIM)
        • Azure AD Identity Protection
      • Microsoft 365 Defender
      • Microsoft Sentinel

Resources

Resources

Tools

About

AzureAD Pentest

Resources

Readme
Activity

Stars

14 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published