Skip to content

Releases: blacklanternsecurity/offensive-azure

v0.4.10

28 Apr 03:11
@debifrank debifrank
v0.4.10
fa4bc9f
Compare
Choose a tag to compare
v0.4.10 Latest
Latest
  • Now able to query Azure (ARM) for:
    • Subscriptions
    • Resource Groups
    • VMs
  • Able to query Azure AD (MS Graph) for:
    • User Group Membership
      • Transitive memberOf
      • Includes nested group membership
  • All added modules output multiple files, including bloodhound compatible json files
Assets 2
Loading

v0.4.9

26 Apr 03:57
@debifrank debifrank
v0.4.9
cae0bd0
Compare
Choose a tag to compare
v0.4.9
  • Changed versioning format from X.YYY to X.Y.Z
  • Added new module to Azure_AD
    • get_groups : Takes in an ms_graph or refresh token, outputs all groups and all available group properties from MS Graph API
      • Creates condensed/raw/bloodhound json files

Full Changelog: v0.048...v0.4.9

Assets 2
Loading

v0.048

22 Apr 16:21
@debifrank debifrank
v0.048
ff6c0bd
Compare
Choose a tag to compare
v0.048
  • Finalized get_users Azure_AD module
    • Pulls all available users from Tenant
    • Pulls all supported user properties using Microsoft Graph API
    • outputs to three data files, including BloodHound compatible azusers type file
  • Finalized get_tenant Azure_AD module
    • Pulls tenant id from passed in token
    • Pulls tenant name (Federation Brand Name) from openid configurations (public)
    • Outputs two data files, one text file and one BloodHound compatible aztenant type file
Assets 2
Loading

v0,046

20 Apr 04:30
@debifrank debifrank
v0.046
976b6de
Compare
Choose a tag to compare
v0,046
  • read_token was added under the Access_Tokens directory
    • Allows you to parse a supplied access token for included claim information
    • Checks if the token is expired
    • Attempts to validate token signature
Assets 2
Loading

v0.045 - Poetry Support

18 Apr 14:52
@debifrank debifrank
v0.045
3f4ee4f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.045 - Poetry Support
  • With this release, poetry is now supported for the modules present.
  • Once installed via poetry, each module may be ran by name:
    • poetry run device_code_easy_mode
    • poetry run token_juggle
    • poetry run outsider_recon
    • poetry run user_enum
  • You may also run the modules as you have before by cloning the repository and executing the individual scripts
Assets 2
Loading

v0.043

16 Apr 04:55
@debifrank debifrank
v0.043
f689b4f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.043 
Update pyproject.toml
Assets 2
Loading

v0.042

16 Apr 04:52
@debifrank debifrank
v0.042
8ad5963
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.042 
Update python-publish.yml
Assets 2
Loading

v0.041

16 Apr 04:47
@debifrank debifrank
v0.041
2c627d7
Compare
Choose a tag to compare
v0.041 
poetry stuff
Assets 2
Loading

v0.04

16 Apr 03:02
@debifrank debifrank
v0.04
27e035e
Compare
Choose a tag to compare
v0.04
  • Included pylint
    • Cleaned up code as result
Assets 2
Loading

v0.03

15 Apr 03:12
@debifrank debifrank
v0.03
a338d81
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.03
  • Added module for external, unauthenticated user enumeration
    • Largely a port of AADInternals Invoke-AADIntUserEnumerationAsOutsider cmdlet
  • Allows you to supply a password to be used (password spray)
  • Saves output as a json file
  • Can be found in ./User_Enum/
Assets 2
Loading