Resources

Enum¶

Tool	Description
UpdateCloudIPs	Collects the latest IP addresses used by AWS/GCP/Azure Full list for Azure: https://www.microsoft.com/en-us/download/details.aspx?id=41653
cloud_enum	Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud Usage: `$ python cloudenum.py -k keyword`
Stormspotter	Creates an attack graph (Neo4j) of the resources in an Azure subscription
cloud-service-enum	Cloud Services Enumeration
PowerZure	PowerShell project created to assess and exploit resources within Azure

Tool	Description
Google	`site:*.blob.core.windows.net`
dnscan	`$ python dnscan.py -d blob.core.windows.net -w subdomains-100.txt`


Azure Ad Introduction For Red Teamers	Presents Azure AD and explores different attacking paths
Attacking Azure, Azure AD	Part 1 Part 2
Lateral Movement from Azure to On-Prem AD	Post explaining what Hybrid Azure Join is, target enumeration, and how to abuse Intune/Endpoint Manager to execute code as SYSTEM on target systems
Azure AD Pass The Certificate	Post explaining what NegoEx and PKU2U are, what a P2P certificate is and how to use those to gain access to Azure AD machines
Abusing dynamic groups in Azure AD for privilege escalation	Blog presenting a new technique for escalating privileges within Azure environments through the abuse of dynamic groups in Azure Active Directory