-
Notifications
You must be signed in to change notification settings - Fork 2
Module Details
Arpan Sarkar edited this page Apr 17, 2024
·
16 revisions
Halberd modules allow users to execute different attack techniques. Here is a list of all modules available in current release.
Attack Surface : Entra ID, M365, AWS, Azure
Total Unique Modules : 57
Note: Only unique modules are listed in each category. Modules overlap across multiple categories.
- Delegated Access (Username / Password)
- Password Spray
- Brute force Graph Access Token
- Brute force Password
- Entra ID App Only Access
- Entra ID Device Code Flow
- Entra ID Direct Token Access
- Modify Trusted IP Configuration
- Recon Tenant Info
- Recon User Accounts
- Recon Groups
- Recon Applications
- Recon Directory Roles
- Recon Conditional Access Policies
- Recon User One Drive
- Recon SharePoint Sites
- Add User to Group
- Assign Directory Role to User
- Generate Application Credentials
- Create Backdoor Account in Tenant
- Invite External User to Tenant
- Create New Application
- Remove User Account
- Search User Outlook Messages
- Exfil User Mailbox
- Search User Teams Chat
- Search User SP One Drive
- Setup Email Forwarding Rule
- Search Teams Messages
- Setup Email Deletion Rule
- Send Email (Spear-Phishing)
- AWS Access
- List Buckets
- Get Bucket ACL
- List Bucket Objects
- List IAM Roles
- List DynamoDB Tables
- Enumerate EC2 Instances
- Recon IAM Users
- Recon IAM Policies
- Recon Account Authorization Details
- Recon User Details
- Assume Role
- Exfil S3 Bucket
- Delete S3 Bucket
- Delete Bucket Objects
- Delete DynamoDB Table
- Credential Access - Azure CLI
- Service Principal Access - Azure CLI
- Password Spray
- Recon Assigned Role
- Recon VMs
- Recon Resources
- Elevate Azure Access for Global Admin
- Assign Azure Role
- Create Resource Group
- Delete Azure VM