Herramientas

AnteriorAzure SiguienteMetodología de Azure Pentest

Última actualización hace 1 mes

¿Te fue útil?

Herramientas

Herramientas de Microsoft

AzureAD

Az Powershell

Az Cli

Microsoft Graph PowerShell

Install-Module Microsoft.Graph -Scope CurrentUser

MS Portals

Otras herramientas

AzureRA

Interactúa con la REST API de Azure y MSGraph para realizar consultas usando tokens (ARM, MSGraph).

git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure/AzureRA
Import-Module .\AzureRA.psm1

AzureRA

git clone "https://github.com/mgeeky/AzureRT.git"
Import-Module C:\Pentest\Tools\AzureRT\AzureRT.ps1

ADDInternals

# Clonar el repositorio e importar el módulo
git clone "https://github.com/Gerenios/AADInternals.git"
cd AADInternals
Import-Module .\AADInternals.psd1 -Verbose

MicroBust

# Clonar el repositorio e importar el módulo
git clone "https://github.com/NetSPI/MicroBurst.git"
cd MicroBurst
Import-Module .\MicroBurst.psm1

MSOLSpray

# Clonar repositorio e importar el fichero MSOLSpray.ps1
git clone "https://github.com/dafthack/MSOLSpray.git"
cd MSOLSpray
. .\MSOLSpray.ps1

O365EmailValidator

# Clonar el repositorio e importar el fichero O365EmailValidator.ps1
git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure
. .\O365EmailValidator.ps1

ROADTools

Uso: Herramientas

git clone "https://github.com/dirkjanm/ROADtools.git"
python -m venv venv
.\venv\Scripts\activate

StormPotter

Uso: StormPotter

git clone "https://github.com/Azure/Stormspotter.git"

Opción 1: Docker.

docker-compose up

Opción 2: Levantar los servicios en local.

Backend:

cd "C:\Pentest\Tools\stormspotter\backend\"
pipenv shell
python ssbackend.pyz

Frontend:

cd "C:\Pentest\Tools\stormspotter\frontend\dist\spa\"
quasar.cmd serve -p 9091 --history

AzureHound

Prowler

git clone "https://github.com/prowler-cloud/prowler.git"

BlobHunter

git clone "https://github.com/cyberark/BlobHunter.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt

ScoutSuite

git clone "https://github.com/nccgroup/ScoutSuite.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt

PowerZure

git clone "https://github.com/hausec/PowerZure"
Import-Module C:\Pentest\Tools\PowerZure\PowerZure.psd1

CloudSploit

git clone "https://github.com/aquasecurity/cloudsploit.git"

GraphRunner

git clone "https://github.com/dafthack/GraphRunner.git"

adconnectdump

git clone "https://github.com/dirkjanm/adconnectdump.git"

AnteriorAzure SiguienteMetodología de Azure Pentest

Última actualización hace 1 mes

¿Te fue útil?

Herramientas de Microsoft

AzureAD

Az Powershell

Az Cli

Microsoft Graph PowerShell

Install-Module Microsoft.Graph -Scope CurrentUser

MS Portals

Otras herramientas

AzureRA

Interactúa con la REST API de Azure y MSGraph para realizar consultas usando tokens (ARM, MSGraph).

git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure/AzureRA
Import-Module .\AzureRA.psm1

AzureRA

git clone "https://github.com/mgeeky/AzureRT.git"
Import-Module C:\Pentest\Tools\AzureRT\AzureRT.ps1

ADDInternals

# Clonar el repositorio e importar el módulo
git clone "https://github.com/Gerenios/AADInternals.git"
cd AADInternals
Import-Module .\AADInternals.psd1 -Verbose

MicroBust

# Clonar el repositorio e importar el módulo
git clone "https://github.com/NetSPI/MicroBurst.git"
cd MicroBurst
Import-Module .\MicroBurst.psm1

MSOLSpray

# Clonar repositorio e importar el fichero MSOLSpray.ps1
git clone "https://github.com/dafthack/MSOLSpray.git"
cd MSOLSpray
. .\MSOLSpray.ps1

O365EmailValidator

# Clonar el repositorio e importar el fichero O365EmailValidator.ps1
git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure
. .\O365EmailValidator.ps1

ROADTools

Uso: Herramientas

git clone "https://github.com/dirkjanm/ROADtools.git"
python -m venv venv
.\venv\Scripts\activate

StormPotter

Uso: StormPotter

git clone "https://github.com/Azure/Stormspotter.git"

Opción 1: Docker.

docker-compose up

Opción 2: Levantar los servicios en local.

Backend:

cd "C:\Pentest\Tools\stormspotter\backend\"
pipenv shell
python ssbackend.pyz

Frontend:

cd "C:\Pentest\Tools\stormspotter\frontend\dist\spa\"
quasar.cmd serve -p 9091 --history

AzureHound

Uso:

Prowler

git clone "https://github.com/prowler-cloud/prowler.git"

BlobHunter

git clone "https://github.com/cyberark/BlobHunter.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt

ScoutSuite

git clone "https://github.com/nccgroup/ScoutSuite.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt

PowerZure

git clone "https://github.com/hausec/PowerZure"
Import-Module C:\Pentest\Tools\PowerZure\PowerZure.psd1

CloudSploit

git clone "https://github.com/aquasecurity/cloudsploit.git"

GraphRunner

git clone "https://github.com/dafthack/GraphRunner.git"

adconnectdump

git clone "https://github.com/dirkjanm/adconnectdump.git"