Skip to content

Latest commit

 

History

History
91 lines (75 loc) · 6.09 KB

README.md

File metadata and controls

91 lines (75 loc) · 6.09 KB

MicroBurstLogo
licence badge stars badge forks badge issues badge Twitter Follow

MicroBurst: A PowerShell Toolkit for Attacking Azure

MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use.

Author, Contributors, and License

  • Author: Karl Fosaaen (@kfosaaen), NetSPI
  • Contributors:
  • License: BSD 3-Clause
  • Required Dependencies: Az, Azure, AzureRM, AzureAD, and MSOnline PowerShell Modules are all used in different scripts
  • Dependencies Note: Originally written with the AzureRM PS modules, older scripts have been ported to their newer Az equivalents
  • Platform Note: These scripts will only run on a Windows-based platform.

Importing the Module / Usage

PS C:> Import-Module .\MicroBurst.psm1

This will import all applicable functions based off of the currently installed modules in your environment. The scripts can then be invoked using their names like

PS C:> Get-AzDomainInfo

If you want to simplify the trusting of the code files, use the following "Unblock-File" command to recursively trust each of the downloaded files:

PS C:> dir -Recurse .\MicroBurst-master | Unblock-File

Recommended Modules to install:

Here's how a module can be installed in Powershell

PS C:> Install-Module <module-name>

Scripts Information

If you want to learn what a specific script does use Get-Help with script name like:

PS C:> Get-Help Invoke-EnumerateAzureSubDomains

Related Blogs

Presentations

Wiki Information

Check out the MicroBurst Wiki for more information on the usage of the toolkit and the available functions.