Herramientas de Microsoft
AzureAD
https://learn.microsoft.com/es-es/powershell/module/azuread/?view=azureadps-2.0
Az Powershell
https://learn.microsoft.com/es-es/powershell/azure/new-azureps-module-az?view=azps-12.0.0
Az Cli
https://learn.microsoft.com/es-es/cli/azure/install-azure-cli
Microsoft Graph PowerShell
https://learn.microsoft.com/en-us/powershell/microsoftgraph/installation?view=graph-powershell-1.0
Copiar Install-Module Microsoft.Graph -Scope CurrentUser
MS Portals
https://msportals.io/
Otras herramientas
AzureRA
Interactúa con la REST API de Azure y MSGraph para realizar consultas usando tokens (ARM, MSGraph).
Copiar git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure/AzureRA
Import-Module .\AzureRA.psm1
AzureRA
https://github.com/mgeeky/AzureRT
Copiar git clone "https://github.com/mgeeky/AzureRT.git"
Import-Module C:\Pentest\Tools\AzureRT\AzureRT.ps1
ADDInternals
Copiar # Clonar el repositorio e importar el módulo
git clone "https://github.com/Gerenios/AADInternals.git"
cd AADInternals
Import-Module .\AADInternals.psd1 -Verbose
MicroBust
Copiar # Clonar el repositorio e importar el módulo
git clone "https://github.com/NetSPI/MicroBurst.git"
cd MicroBurst
Import-Module .\MicroBurst.psm1
MSOLSpray
Copiar # Clonar repositorio e importar el fichero MSOLSpray.ps1
git clone "https://github.com/dafthack/MSOLSpray.git"
cd MSOLSpray
. .\MSOLSpray.ps1
O365EmailValidator
Copiar # Clonar el repositorio e importar el fichero O365EmailValidator.ps1
git clone "https://github.com/xtormin/PowerPentest.git"
cd PowerPentest/Azure
. .\O365EmailValidator.ps1
ROADTools
Uso: #greater-than-roadtools
Copiar git clone "https://github.com/dirkjanm/ROADtools.git"
python -m venv venv
.\venv\Scripts\activate
StormPotter
Uso: StormPotter
Copiar git clone "https://github.com/Azure/Stormspotter.git"
Opción 2: Levantar los servicios en local.
Copiar cd "C:\Pentest\Tools\stormspotter\backend\"
pipenv shell
python ssbackend.pyz
Copiar cd "C:\Pentest\Tools\stormspotter\frontend\dist\spa\"
quasar.cmd serve -p 9091 --history
AzureHound
Copiar $passwd = ConvertTo-SecureString "<contraseña>" -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential("<email>", $passwd)
Connect-AzAccount -Credential $creds
Connect-AzureAD -Credential $creds
Copiar . C:\Pentest\Tools\AzureHound\AzureHound.ps1
Invoke-AzureHound -Verbose
Prowler
Copiar git clone "https://github.com/prowler-cloud/prowler.git"
BlobHunter
Copiar git clone "https://github.com/cyberark/BlobHunter.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt
ScoutSuite
Copiar git clone "https://github.com/nccgroup/ScoutSuite.git"
python -m venv venv
.\venv\Scripts\activate
python -m pip install -r requirements.txt
PowerZure
Copiar git clone "https://github.com/hausec/PowerZure"
Import-Module C:\Pentest\Tools\PowerZure\PowerZure.psd1
CloudSploit
Copiar git clone "https://github.com/aquasecurity/cloudsploit.git"
GraphRunner
Copiar git clone "https://github.com/dafthack/GraphRunner.git"