Need help with PowerZure?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

hausec
617 Stars 101 Forks BSD 3-Clause "New" or "Revised" License 143 Commits 0 Opened issues

Description

PowerShell framework to assess Azure security

Services available

!
?

Need anything else?

Contributors list

# 112,717
Securit...
Azure
Windows
139 commits
# 5,146
Common ...
kali-li...
honeypo...
rfi
1 commit
# 506,139
Securit...
Azure
Windows
1 commit

powerzure

For a list of functions, their usage, and more, check out https://powerzure.readthedocs.io

What is PowerZure?

PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources.

Requirements

The "Az" Azure PowerShell module is the primary module used in PowerZure, as it handles most requests interacting with Azure resources. The Az module interacts using the Azure REST API. It can be installed via PowerShell command

Install-Module -Name Az

The AzureAD PowerShell Module is also used and is for handling AzureAD requests. The AzureAD module uses the Microsoft Graph API and can be installed via the PowerShell command

Install-Module -Name AzureAD

Usage

RTFM: https://powerzure.readthedocs.io

ipmo C:\path\to\PowerZure.psd1

If you have multiple subscriptions, you must set the main subscription with

Set-AzureSubscription
. If you do not do this, things will fail.

Additional Resources

You can type

Show-AzureCurrentUser
to view the current signed-in user's roles in Azure and Azure AD.

You can also type

Get-AzureTargets
to compare your current signed-in user's roles and their scope to resources within Azure.

For target finding, I recommend using AzureHound, the Azure component to BloodHound.

Author & License

Author: Ryan Hausknecht (@haus3c)

License: BSD-3

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.