0% found this document useful (0 votes)

28 views3 pages

Complete Azure Enumeration Playbook

Uploaded by

synack05hacker

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

28 views3 pages

Complete Azure Enumeration Playbook

Uploaded by

synack05hacker

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 3

Comprehensive Azure & Microsoft Graph Enumeration Playbook

1. Connect to Microsoft Graph & Azure Modules

# Microsoft Graph PowerShell

Connect-MgGraph -Scopes "Directory.Read.All", "User.Read.All", "Group.Read.All", "RoleManagement.Read.Directory",

"Policy.Read.All", "Application.Read.All", "Device.Read.All"

# Azure PowerShell

Connect-AzAccount

2. Enumerate All Users, Groups, and Roles

# Users

Get-MgUser -All | Select-Object DisplayName, UserPrincipalName, Id

Get-AzADUser | Select-Object DisplayName, UserPrincipalName

# Groups

Get-MgGroup -All | Select-Object DisplayName, GroupTypes

Get-MgGroupMember -GroupId <group-id>

Get-AzADGroup

Get-AzADGroupMember -GroupObjectId <group-id>

# Roles and Assignments

Get-MgRoleManagementDirectoryRoleAssignment

Get-MgDirectoryRole

Get-AzRoleAssignment

Get-AzRoleDefinition

3. Enumerate Applications, SPNs, and Permissions

Comprehensive Azure & Microsoft Graph Enumeration Playbook

# Applications and Service Principals

Get-MgApplication -All | Select-Object DisplayName, AppId

Get-MgServicePrincipal -All | Select-Object DisplayName, AppId, Id

Get-AzADApplication

Get-AzADServicePrincipal

# App Permissions

Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId <id>

Get-MgOauth2PermissionGrant

4. Check Policies (Conditional Access, MFA, Token Lifetime)

# Conditional Access Policies

Get-MgConditionalAccessPolicy

# Authentication Methods & Strength Policies

Get-MgPolicyAuthenticationMethodsPolicy

Get-MgPolicyAuthenticationStrengthPolicy

# Token Lifetime Policies

Get-MgPolicyTokenLifetimePolicy

5. Enumerate Subscriptions, Key Vaults, and Storage

# Subscriptions

Get-AzSubscription

Set-AzContext -SubscriptionId <id>

# Key Vaults and Secrets

Get-AzKeyVault
Comprehensive Azure & Microsoft Graph Enumeration Playbook

Get-AzKeyVaultSecret -VaultName <vault>

Get-AzKeyVaultKey -VaultName <vault>

# Storage Accounts

Get-AzStorageAccount

Get-AzStorageContainer -StorageAccountName <account>

$key = (Get-AzStorageAccountKey -ResourceGroup <rg> -AccountName <acc>)[0].Value

$ctx = New-AzStorageContext -StorageAccountName <acc> -StorageAccountKey $key

Get-AzStorageBlob -Container <container> -Context $ctx

6. Detect Over-Privileged Identities

# List all role assignments

Get-AzRoleAssignment | Select-Object DisplayName, RoleDefinitionName, Scope

# Identify Global Admins and Privileged Roles

Get-MgDirectoryRole | Where-Object {$_.DisplayName -match "Admin"}

Get-MgDirectoryRoleMember -DirectoryRoleId <id>

7. Cross-Reference Roles and App Registrations for Abuse

# Find SPNs with privileged roles

Get-AzRoleAssignment | Where-Object { $_.PrincipalType -eq "ServicePrincipal" }

# List app roles assigned to SPNs

Get-MgServicePrincipalAppRoleAssignedTo

# Identify apps with high privileges

Get-MgServicePrincipal | Where-Object { $_.AppRoles -ne $null -and $_.AppRoles.AllowedMemberTypes -contains

"Application" }

Azure
100% (1)
Azure
4 pages
Microsoft 365 Admin O365 Worldwide Part13
No ratings yet
Microsoft 365 Admin O365 Worldwide Part13
83 pages
Azure Pentest
No ratings yet
Azure Pentest
42 pages
ReconnaissanceAzureCloud WithKevinKlingbilenotes
No ratings yet
ReconnaissanceAzureCloud WithKevinKlingbilenotes
46 pages
Azure Cloud Shell PowerShell Guide
No ratings yet
Azure Cloud Shell PowerShell Guide
3 pages
Cheat Sheet Azure Solutions Architect Expert AZ 305
100% (4)
Cheat Sheet Azure Solutions Architect Expert AZ 305
82 pages
Azure With Essential CLI Commands
No ratings yet
Azure With Essential CLI Commands
7 pages
asset-v1-Microsoft+INF216x+2T2017+type@asset+block@INF216x Azure For On-Premises Practical Exercises PDF
No ratings yet
asset-v1-Microsoft+INF216x+2T2017+type@asset+block@INF216x Azure For On-Premises Practical Exercises PDF
24 pages
Az 104t00a Enu Powerpoint 02
No ratings yet
Az 104t00a Enu Powerpoint 02
31 pages
Azure Devops Security Checklist: 17 Green Lanes, London, England, N16 9Bs
No ratings yet
Azure Devops Security Checklist: 17 Green Lanes, London, England, N16 9Bs
38 pages
M01 - Azure Governance
No ratings yet
M01 - Azure Governance
37 pages
Cloud Pentesting Cheatsheet
100% (1)
Cloud Pentesting Cheatsheet
22 pages
Azure Storage Hands-On Guide
No ratings yet
Azure Storage Hands-On Guide
7 pages
20533D PDF
No ratings yet
20533D PDF
159 pages
Getting Started With Azure PowerShell - Part 1
No ratings yet
Getting Started With Azure PowerShell - Part 1
4 pages
05 Microsoftazurefundamentalsidentitygovernanceprivacycompliance 1606403902492
No ratings yet
05 Microsoftazurefundamentalsidentitygovernanceprivacycompliance 1606403902492
33 pages
AZ 305 Master Cheat Sheet PDF
No ratings yet
AZ 305 Master Cheat Sheet PDF
252 pages
AZ-900T00 Microsoft Azure Fundamentals-05 (Identity, Gov, Priv, Compliance) - FINAL
No ratings yet
AZ-900T00 Microsoft Azure Fundamentals-05 (Identity, Gov, Priv, Compliance) - FINAL
34 pages
Azure Monitor Overview - Microsoft Docs
No ratings yet
Azure Monitor Overview - Microsoft Docs
3,126 pages
AZ 305 Master Cheat Sheet
No ratings yet
AZ 305 Master Cheat Sheet
126 pages
Az204 Module3 Security
No ratings yet
Az204 Module3 Security
16 pages
Az 900
82% (17)
Az 900
318 pages
RBAC and NSG 2
No ratings yet
RBAC and NSG 2
18 pages
Azure Devops Organizations Security Azure Devops
No ratings yet
Azure Devops Organizations Security Azure Devops
840 pages
AZ 900T00 Microsoft Azure Fundamentals 03
No ratings yet
AZ 900T00 Microsoft Azure Fundamentals 03
67 pages
Azure Security Essentials Guide
No ratings yet
Azure Security Essentials Guide
83 pages
Troubleshoot With Confidence - Exploring Azure Monitor
No ratings yet
Troubleshoot With Confidence - Exploring Azure Monitor
7 pages
Azure 2
No ratings yet
Azure 2
22 pages
AZ-900T01 Microsoft Azure Fundamentals-03
No ratings yet
AZ-900T01 Microsoft Azure Fundamentals-03
26 pages
2
No ratings yet
2
2 pages
Lab 06 Rbac
No ratings yet
Lab 06 Rbac
8 pages
It's Raining Shells: How To Find New Attack Primitives in Azure
No ratings yet
It's Raining Shells: How To Find New Attack Primitives in Azure
170 pages
Az 104t00a Enu Powerpoint 02
No ratings yet
Az 104t00a Enu Powerpoint 02
34 pages
2
No ratings yet
2
2 pages
2
No ratings yet
2
2 pages
2
No ratings yet
2
2 pages
2
No ratings yet
2
2 pages
MDR Playbook
No ratings yet
MDR Playbook
19 pages
Essentials On Azure DevOps Services and GitHub Book 8
No ratings yet
Essentials On Azure DevOps Services and GitHub Book 8
42 pages
Active Directory App Manifest
No ratings yet
Active Directory App Manifest
13 pages
Azure Identity and Governance Guide
No ratings yet
Azure Identity and Governance Guide
27 pages
Az 104t00a Enu Powerpoint 11
No ratings yet
Az 104t00a Enu Powerpoint 11
33 pages
Azure DevOps & Security Specialist
No ratings yet
Azure DevOps & Security Specialist
2 pages
Azure Pentesting Guide
No ratings yet
Azure Pentesting Guide
30 pages
Az-104 Azure Administrator Quick Notes
100% (3)
Az-104 Azure Administrator Quick Notes
104 pages
2
No ratings yet
2
2 pages
Az 104t00a Enu Powerpoint 02
No ratings yet
Az 104t00a Enu Powerpoint 02
34 pages
Cloud PenTest Guide for IT Pros
No ratings yet
Cloud PenTest Guide for IT Pros
1 page
Azure & AWS Cloud Pentesting Guide
No ratings yet
Azure & AWS Cloud Pentesting Guide
21 pages
AZ 104T00A ENU PowerPoint - 02
No ratings yet
AZ 104T00A ENU PowerPoint - 02
39 pages
Azure Devops Security Checklist
No ratings yet
Azure Devops Security Checklist
51 pages
DevSecOps: Microsoft Security Tools
No ratings yet
DevSecOps: Microsoft Security Tools
17 pages
1
No ratings yet
1
2 pages
2023-10-10 - A Hitch-Hackers Guide To DACL-Based Detections - Part 1
No ratings yet
2023-10-10 - A Hitch-Hackers Guide To DACL-Based Detections - Part 1
31 pages
Threat Hunting KQL Queries Based On Sentinel Tables
No ratings yet
Threat Hunting KQL Queries Based On Sentinel Tables
13 pages
Powershell Microsoftgraph Graph Powershell 1.0
No ratings yet
Powershell Microsoftgraph Graph Powershell 1.0
117 pages
XII. Describe Monitoring Tools in Azure
No ratings yet
XII. Describe Monitoring Tools in Azure
12 pages
Az 900t00a Enu Powerpoint 03
No ratings yet
Az 900t00a Enu Powerpoint 03
34 pages
Restaurant Zaika Business Plan
No ratings yet
Restaurant Zaika Business Plan
17 pages
Pre-Calculus Modeling for Engineers
No ratings yet
Pre-Calculus Modeling for Engineers
11 pages
Nephrotic Syndrome in Child Health Nursing
No ratings yet
Nephrotic Syndrome in Child Health Nursing
3 pages
Noor Islamic Bank 2009 Overview
No ratings yet
Noor Islamic Bank 2009 Overview
45 pages
Wubbzy's Doodleberry Dilemma
No ratings yet
Wubbzy's Doodleberry Dilemma
12 pages
DETAILED LESSON PLAN Mutation1
No ratings yet
DETAILED LESSON PLAN Mutation1
9 pages
IB Environment
No ratings yet
IB Environment
25 pages
Inferring Meaning From Context Remedial Worksheet April 2026
No ratings yet
Inferring Meaning From Context Remedial Worksheet April 2026
2 pages
Law Review Guide for Students
0% (1)
Law Review Guide for Students
18 pages
hw4 Soln
No ratings yet
hw4 Soln
10 pages
2024 City of Galesburg Annual Report
No ratings yet
2024 City of Galesburg Annual Report
50 pages
Foundations in Microbiology Basic Principles 10th Edition Unlocked Test Bank
No ratings yet
Foundations in Microbiology Basic Principles 10th Edition Unlocked Test Bank
305 pages
Gate 2026 Test Series All Details
No ratings yet
Gate 2026 Test Series All Details
9 pages
A Monkey in Winter
No ratings yet
A Monkey in Winter
4 pages
Ethiopia Mineral Exploration Agreement Sample
100% (6)
Ethiopia Mineral Exploration Agreement Sample
41 pages
Representation of A Channel
No ratings yet
Representation of A Channel
22 pages
Final Project
No ratings yet
Final Project
69 pages
Unit 2 - Supply Chain Network
No ratings yet
Unit 2 - Supply Chain Network
32 pages
Binks B4 Airless Paint Pump
No ratings yet
Binks B4 Airless Paint Pump
12 pages
Eol ICT NW
No ratings yet
Eol ICT NW
15 pages
ISGOTT 6th Edition: Essential Safety Guide
100% (1)
ISGOTT 6th Edition: Essential Safety Guide
1 page
M.C.A. (Semester-III), Session (2020-22) Examination Held in January, 2023
No ratings yet
M.C.A. (Semester-III), Session (2020-22) Examination Held in January, 2023
1 page
Turbulent Flow and Shear Stress Analysis
No ratings yet
Turbulent Flow and Shear Stress Analysis
12 pages
Literature Review of HCL
100% (1)
Literature Review of HCL
8 pages
NAV9000 Self Checklist by Chief Engineer (NAV-N020-H)
No ratings yet
NAV9000 Self Checklist by Chief Engineer (NAV-N020-H)
5 pages
أساليب البلاغة في سورة الملك
75% (4)
أساليب البلاغة في سورة الملك
24 pages
HRM FINAL - Capstone - Presentation - FOR - GEORGE
No ratings yet
HRM FINAL - Capstone - Presentation - FOR - GEORGE
16 pages
Vendor Request Form (VRF)
No ratings yet
Vendor Request Form (VRF)
7 pages
Final Exam Ship Safety
100% (1)
Final Exam Ship Safety
3 pages
KP System / Nakshatra Nadi
100% (2)
KP System / Nakshatra Nadi
2 pages

Complete Azure Enumeration Playbook

Uploaded by

Complete Azure Enumeration Playbook

Uploaded by

Comprehensive Azure & Microsoft Graph Enumeration Playbook

1. Connect to Microsoft Graph & Azure Modules

# Microsoft Graph PowerShell

Connect-MgGraph -Scopes "Directory.Read.All", "User.Read.All", "Group.Read.All", "RoleManagement.Read.Directory",

"Policy.Read.All", "Application.Read.All", "Device.Read.All"

2. Enumerate All Users, Groups, and Roles

Get-MgUser -All | Select-Object DisplayName, UserPrincipalName, Id

Get-AzADUser | Select-Object DisplayName, UserPrincipalName

Get-MgGroup -All | Select-Object DisplayName, GroupTypes

Get-MgGroupMember -GroupId <group-id>

Get-AzADGroupMember -GroupObjectId <group-id>

# Roles and Assignments

3. Enumerate Applications, SPNs, and Permissions

# Applications and Service Principals

Get-MgApplication -All | Select-Object DisplayName, AppId

Get-MgServicePrincipal -All | Select-Object DisplayName, AppId, Id

Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId <id>

4. Check Policies (Conditional Access, MFA, Token Lifetime)

# Conditional Access Policies

# Authentication Methods & Strength Policies

# Token Lifetime Policies

5. Enumerate Subscriptions, Key Vaults, and Storage

Set-AzContext -SubscriptionId <id>

# Key Vaults and Secrets

Get-AzKeyVaultSecret -VaultName <vault>

Get-AzKeyVaultKey -VaultName <vault>

Get-AzStorageContainer -StorageAccountName <account>

$key = (Get-AzStorageAccountKey -ResourceGroup <rg> -AccountName <acc>)[0].Value

$ctx = New-AzStorageContext -StorageAccountName <acc> -StorageAccountKey $key

Get-AzStorageBlob -Container <container> -Context $ctx

6. Detect Over-Privileged Identities

# List all role assignments

Get-AzRoleAssignment | Select-Object DisplayName, RoleDefinitionName, Scope

# Identify Global Admins and Privileged Roles

Get-MgDirectoryRole | Where-Object {$_.DisplayName -match "Admin"}

Get-MgDirectoryRoleMember -DirectoryRoleId <id>

7. Cross-Reference Roles and App Registrations for Abuse

# Find SPNs with privileged roles

Get-AzRoleAssignment | Where-Object { $_.PrincipalType -eq "ServicePrincipal" }

# List app roles assigned to SPNs

# Identify apps with high privileges

Get-MgServicePrincipal | Where-Object { $_.AppRoles -ne $null -and $_.AppRoles.AllowedMemberTypes -contains

You might also like