AzureHound (BloodHound) is a Go binary that collects data from AzureAD and AzureRM via the MS Graph and Azure REST APIs. It does not use any external dependencies and will run on any operating system.
- Awesome Azure Penetration Testing (GitHub)
Azure Account Setup
- Create an Azure account here.
- Sign in to the Azure portal.
Azure CLI
The Azure command-line interface (Azure CLI) is a set of commands used to create and manage Azure resources. The Azure CLI is available across Azure services and is designed to get you working quickly with Azure, with an emphasis on automation.
- Azure CLI Reference (Microsoft)
Installation
sudo apt install azure-cli
Setup
This command will open a web browser for you to log in.
az login
If no web browser is available, use device code flow.
az login --use-device-code
Show details of a subscription
az account show
Help
az help
az functionapp -h
az functionapp list -h
List of resource groups in Azure
az group list
Azure Functions
- Azure Functions overview (Microsoft)
- az functionapp (Microsoft)
Azure Functions is similar to AWS Lambda. It has runtimes for JavaScript, Java, Python, C#, F#, and PowerShell (preview). Azure lacks Go and Ruby; otherwise, the language options are very similar.
az functionapp -h
az functionapp list
Azure uses resource groups. Permissions can apply globally but also at the resource group level, so an action you cannot perform at the global level may still be permitted at the resource group level by specifying --resource-group.
az group list
az functionapp list --resource-group <resource group>
Azure Virtual Machines
Manage Linux or Windows virtual machines.
- az vm (Microsoft)
- az vm run-command invoke (Microsoft)
az vm -h
List VMs from resource group
az vm list --resource-group <resource group>
Run a command on a VM
az vm run-command invoke -n <VM name> --resource-group <resource group> --command-id RunShellScript --scripts "ls -la"
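Detecting run-command use
Added example, not part of the original page: a Python sketch that finds run-command invocations in exported Azure Activity Log records and reports who ran them against which VM. It assumes the JSON layout printed by az monitor activity-log list; the sample records and the function names (event, vm_from_resource_id, find_run_commands) are constructed for illustration.

```python
import json

# Operation the Activity Log records for "az vm run-command invoke".
RUN_COMMAND_OP = "microsoft.compute/virtualmachines/runcommand/action"
# One invocation emits several events; a higher rank is a later status.
STATUS_RANK = {"Started": 0, "Accepted": 1, "Succeeded": 2, "Failed": 2}
VM_ID = "/subscriptions/0000/resourceGroups/{}/providers/Microsoft.Compute/virtualMachines/{}"

def event(time, caller, corr, op, status, rg, vm):
    """Build one constructed record in the assumed export layout."""
    return {"eventTimestamp": time, "caller": caller, "correlationId": corr,
            "operationName": {"value": "Microsoft.Compute/virtualMachines/" + op},
            "status": {"value": status}, "resourceId": VM_ID.format(rg, vm)}

# Constructed sample data, newest first; not taken from a real tenant.
SAMPLE_LOG = json.dumps([
    event("2024-05-01T10:00:09Z", "alice@example.com", "c-1", "runCommand/action", "Succeeded", "rg-web", "web01"),
    event("2024-05-01T10:00:01Z", "alice@example.com", "c-1", "runCommand/action", "Started", "rg-web", "web01"),
    event("2024-05-01T09:30:00Z", "bob@example.com", "c-2", "start/action", "Succeeded", "rg-web", "web01"),
    event("2024-05-01T09:00:05Z", "svc-deploy", "c-3", "runCommand/action", "Failed", "rg-data", "db01"),
])

def vm_from_resource_id(resource_id):
    """Return (resource group, VM name) from an ARM resource ID, or (None, None)."""
    parts = resource_id.strip("/").split("/")
    lowered = [p.lower() for p in parts]
    try:
        return parts[lowered.index("resourcegroups") + 1], parts[lowered.index("virtualmachines") + 1]
    except (ValueError, IndexError):
        return (None, None)

def find_run_commands(raw_json):
    """Return one finding per run-command invocation with its final status."""
    findings = {}
    for rec in json.loads(raw_json):
        op = (rec.get("operationName") or {}).get("value", "")
        if op.lower() != RUN_COMMAND_OP:
            continue
        status = (rec.get("status") or {}).get("value", "Unknown")
        key = rec.get("correlationId") or rec.get("eventTimestamp")
        seen = findings.get(key)
        if seen and STATUS_RANK.get(seen["status"], -1) >= STATUS_RANK.get(status, -1):
            continue  # a later status for this invocation is already recorded
        rg, vm = vm_from_resource_id(rec.get("resourceId", ""))
        findings[key] = {"caller": rec.get("caller", "unknown"), "resource_group": rg,
                         "vm": vm, "status": status, "time": rec.get("eventTimestamp")}
    return sorted(findings.values(), key=lambda f: f["time"] or "")

if __name__ == "__main__":
    print(*find_run_commands(SAMPLE_LOG), sep="\n")
```

Failed attempts are kept in the findings because a denied run-command call still shows who tried to execute code on the VM.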