Awesome-Azure-Pentest
Azure security toolkit
A curated collection of tools and resources for penetration testing and securing Microsoft Azure cloud services
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
1k stars
17 watching
188 forks
last commit: almost 2 years ago
Linked from 2 awesome lists
Awesome Azure Penetration Testing / Tools / Enumeration | |||
| o365creeper | 328 | about 5 years ago | Enumerate valid email addresses |
| CloudBrute | 913 | about 1 year ago | Tool to find a cloud infrastructure of a company on top Cloud providers |
| cloud_enum | 1,711 | about 1 year ago | Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud |
| Azucar | 565 | about 3 years ago | Security auditing tool for Azure environments |
| CrowdStrike Reporting Tool for Azure (CRT) | 711 | over 2 years ago | Query Azure AD/O365 tenants for hard to find permissions and configuration settings |
| ScoutSuite | 6,794 | 12 months ago | Multi-cloud security auditing tool. Security posture assessment of different cloud environments |
| BlobHunter | 321 | over 1 year ago | A tool for scanning Azure blob storage accounts for publicly opened blobs |
| Grayhat Warfare | Open Azure blobs and AWS bucket search | ||
| Office 365 User Enumeration | 248 | over 1 year ago | Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1 or office.com login page |
| CloudFox | 1,983 | about 1 year ago | Automating situational awareness for cloud penetration tests |
| Monkey365 | 862 | 11 months ago | Conduct Microsoft 365, Azure subscriptions and Azure Active Directory security configuration reviews |
| Azure-AccessPermissions | 106 | over 2 years ago | PowerShell script to enumerate access permissions in an Azure AD environment |
| Prowler | 10,941 | 11 months ago | Perform AWS and Azure security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness |
Awesome Azure Penetration Testing / Tools / Information Gathering | |||
| o365recon | 695 | about 3 years ago | Information gathering with valid credentials to Azure |
| Get-MsolRolesAndMembers.ps1 | Retrieve list of roles and associated role members | ||
| ROADtools | 1,938 | 11 months ago | Framework to interact with Azure AD |
| PowerZure | 1,119 | about 1 year ago | PowerShell framework to assess Azure security |
| Azurite | 250 | over 6 years ago | Enumeration and reconnaissance activities in the Microsoft Azure Cloud |
| Sparrow.ps1 | 1,418 | almost 3 years ago | Helps to detect possible compromised accounts and applications in the Azure/M365 environment |
| Hawk | 722 | 11 months ago | Powershell based tool for gathering information related to O365 intrusions and potential breaches |
| Microsoft Azure AD Assessment | 761 | over 1 year ago | Tooling for assessing an Azure AD tenant state and configuration |
| Cloud Katana | 250 | over 1 year ago | Unlocking Serverless Computing to Assess Security Controls |
| SCuBA M365 Security Baseline Assessment Tool | 1,813 | 11 months ago | Automation to assess the state of your M365 tenant against CISA's baselines |
Awesome Azure Penetration Testing / Tools / Lateral Movement | |||
| Stormspotter | 1,555 | almost 2 years ago | Azure Red Team tool for graphing Azure and Azure Active Directory objects |
| AzureADLateralMovement | 123 | almost 3 years ago | Lateral Movement graph for Azure Active Directory |
| SkyArk | 877 | almost 3 years ago | Discover, assess and secure the most privileged entities in Azure and AWS |
| omigood (OM I GOOD?) | 18 | about 4 years ago | Scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities |
Awesome Azure Penetration Testing / Tools / Exploitation | |||
| MicroBurst | 2,068 | 12 months ago | A collection of scripts for assessing Microsoft Azure security |
| azuread_decrypt_msol_v2.ps1 | Decrypt Azure AD MSOL service account | ||
| Microsoft-Teams-GIFShell | 224 | about 3 years ago | Microsoft Teams can be leveraged by an attacker, to execute a reverse shell between an attacker and victim piped through malicious GIFs sent in Teams messages |
| MSOLSpray | 918 | over 1 year ago | A password spraying tool for Microsoft Online accounts (Azure/O365) |
| MSOLSpray.py | 85 | over 1 year ago | A Python version of the MSOLSpray password spraying tool for Microsoft Online accounts (Azure/O365) |
| o365spray | 785 | about 1 year ago | Username enumeration and password spraying tool aimed at Microsoft O365 |
| MFASweep | 1,393 | about 1 year ago | A tool for checking if MFA is enabled on multiple Microsoft Services Resources |
| adconnectdump | 641 | 12 months ago | Dump Azure AD Connect credentials for Azure AD and Active Directory |
Awesome Azure Penetration Testing / Resources / Articles | |||
| Abusing Azure AD SSO with the Primary Refresh Token | |||
| Abusing dynamic groups in Azure AD for Privilege Escalation | |||
| Attacking Azure, Azure AD, and Introducing PowerZure | |||
| Attacking Azure & Azure AD, Part II | |||
| Azure AD Connect for Red Teamers | |||
| Azure AD Introduction for Red Teamers | |||
| Azure AD Pass The Certificate | |||
| Azure AD privilege escalation - Taking over default application permissions as Application Admin | |||
| Defense and Detection for Attacks Within Azure | |||
| Hunting Azure Admins for Vertical Escalation | |||
| Impersonating Office 365 Users With Mimikatz | |||
| Lateral Movement from Azure to On-Prem AD | |||
| Malicious Azure AD Application Registrations | |||
| Moving laterally between Azure AD joined machines | |||
| CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory | |||
| Privilege Escalation Vulnerability in Azure Functions | |||
| Azure Application Proxy C2 | |||
| Recovering Plaintext Passwords from Azure Virtual Machines like It’s the 1990s | |||
| Forensicating Azure VMs | |||
| Network Forensics on Azure VMs | |||
| Cross-Account Container Takeover in Azure Container Instances | |||
| Azure Active Directory password brute-forcing flaw | |||
| How to Detect Azure Active Directory Backdoors: Identity Federation | |||
| Azure App Service vulnerability exposed hundreds of source code repositories | |||
| AutoWarp: Cross-Account Vulnerability in Microsoft Azure Automation Service | |||
| Microsoft Azure Synapse Pwnalytics | |||
| Microsoft Azure Site Recovery DLL Hijacking | |||
| FabriXss (CVE-2022-35829): Abusing a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer | |||
| Untangling Azure Active Directory Principals & Access Permissions | |||
| How to Detect OAuth Access Token Theft in Azure | |||
| How to deal with Ransomware on Azure | |||
| How Orca found Server-Side Request Forgery (SSRF) Vulnerabilities in four different Azure Services | |||
| EmojiDeploy: Smile! Your Azure web service just got RCE’d | |||
| Bounce the Ticket and Silver Iodide on Azure AD Kerberos | |||
| List of all Microsoft Portals | |||
| Azure Articles from NetSPI | |||
| Azure Cheat Sheet on CloudSecDocs | |||
| Resources about Azure from Cloudberry Engineering | |||
| Resources from PayloadsAllTheThings | 61,904 | 11 months ago | |
| Encyclopedia on Hacking the Cloud | |||
| Azure AD - Attack and Defense Playbook | 2,183 | 11 months ago | |
| Azure Security Resources and Notes | 1,497 | over 1 year ago | |
| Azure Threat Research Matrix | |||
Awesome Azure Penetration Testing / Resources / Lab Exercises | |||
| azure-security-lab | 60 | about 7 years ago | Securing Azure Infrastructure - Hands on Lab Guide |
| AzureSecurityLabs | 46 | almost 6 years ago | Hands-on Security Labs focused on Azure IaaS Security |
| Building Free Active Directory Lab in Azure | |||
| Aria Cloud Penetration Testing Tools Container | 132 | over 4 years ago | A Docker container for remote penetration testing |
| PurpleCloud | 535 | 11 months ago | Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services |
| BlueCloud | 126 | about 3 years ago | Cyber Range system with a Windows VM for security testing with Azure and AWS Terraform support |
| Azure Red Team Attack and Detect Workshop | 610 | over 2 years ago | |
| SANS Workshop – Building an Azure Pentest Lab for Red Teams | The link in the description contains a password-protected OVA file that can be used until 2nd March 2024 | ||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Attacking and Defending the Microsoft Cloud (Office 365 & Azure AD | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| TR19: I'm in your cloud, reading everyone's emails - hacking Azure AD via Active Directory | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / TR19: I'm in your cloud, reading everyone's emails - hacking Azure AD via Active Directory | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Dirk Jan Mollema - Im In Your Cloud Pwning Your Azure Environment - DEF CON 27 Conference | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Dirk Jan Mollema - Im In Your Cloud Pwning Your Azure Environment - DEF CON 27 Conference | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Adventures in Azure Privilege Escalation Karl Fosaaen | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos / Adventures in Azure Privilege Escalation Karl Fosaaen | |||
| Presentation Slides | |||
Awesome Azure Penetration Testing / Resources / Talks and Videos | |||
| Introducing ROADtools - Azure AD exploration for Red Teams and Blue Teams | |||
Awesome Azure Penetration Testing / Resources / Books | |||
| Pentesting Azure Applications | |||
teamssix/awesome-cloud-security
bytesnipers/awesome-pentest-cheat-sheets
nccgroup/sadcloud
redteamoperations/redcloud-os
infosecn1nja/red-teaming-toolkit
projectdiscovery/cloudlist
fit2cloud/riskscanner
securityftw/cs-suite
ydcloudsecurity/cloud-security-guides
rams3sh/aaia
rhinosecuritylabs/pacu
momenbasel/liffier
azuread/microsoft-authentication-library-for-python