Information Gathering which also known as reconnaissance is an activity that will be run by Security Consultant/Pentester. The purpose of the activity is to gather more information on the machine’s configuration which can be useful to the Security Consultant to analyze
For this activity, Security consultants have a variety of choices to use to ensure that the resulting output will fulfill their expectations. One of the tools that be used for assessing Cloud or Azure AD would be AzureADRecon.
Some people might be unaware of the tools because the tools just been release around April this year. AzureADRecon is a tool that will be extracting and combine a various of artefacts using a valid credential within an Azure AD environment.
The result of the tools will be presented via Microsoft Excel report where it will give benefit to a variety of security professionals such as auditors, Administrators, Security Consultant and etc.
Thanks would be given to awesome work to
- @ITsecurityAU Team,
- @CTXIS Team and others.
Usage of AzureADRecon
First of all, we need to fulfill the requirement of the tools such as
- .NET Framework 3.0 or latest version
- PowerShell 2.0 or latest version
- AzureAD PowerShell Module
Once the requirement above been installed, the Tester can download and install by using the following command
git clone https://github.com/adrecon/AzureADRecon.git
You can run the following command after the installation have been completed
PS C:\> .\AzureADRecon.ps1
Source: Github – AzureADRecon