Mastering Azure Enumeration: Techniques for Unauthenticated and Authenticated Hacking

n00🔑
11 min read · 4 days ago

Terminology-

  • Tenant: An instance of Azure AD that represents a single organization.
  • Azure AD Directory: Each tenant has a dedicated directory, which performs identity and access management for that tenant's resources.
  • Subscriptions: A subscription is the billing boundary used to pay for services. A directory can contain multiple subscriptions.
  • Core Domain: The initial domain name, <tenant>.onmicrosoft.com, is the core domain. Custom domain names can be added alongside it.

Managed Identity (similar to roles in AWS)-

  • Azure can assign a Managed Identity to resources such as App Service, Function Apps, virtual machines, etc.
  • A Managed Identity obtains Azure AD tokens to access other resources (such as key vaults and storage accounts) that support Azure AD authentication, so no credentials need to be stored in the resource.
  • It is a special type of service principal that can only be used with Azure resources.
  • A Managed Identity is either system-assigned (tied to a single resource's life cycle and not shareable) or user-assigned (an independent life cycle, and it can be shared across resources).

Unauthenticated-

Tenant Information

https://login.microsoftonline.com/getuserrealm.srf?login=pswalia2u.onmicrosoft.com
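The getuserrealm.srf endpoint answers without authentication, so it is worth knowing exactly what it discloses about a domain (whether a tenant exists for it, whether sign-in is cloud-managed or federated, and the federation endpoint if so). The script below is an added example, not code from the original post or from AADInternals: fetch_user_realm performs the same query as the URL above, and summarize_realm reduces the response to those facts. The sample responses are constructed to match the field names the endpoint returns and are not captured from a real tenant.

```python
import json
import urllib.parse
import urllib.request

REALM_URL = "https://login.microsoftonline.com/getuserrealm.srf"

# Constructed sample responses in the shape the endpoint returns (not captured from a real tenant).
SAMPLE_MANAGED = json.dumps({
    "State": 4, "UserState": 1, "Login": "example.onmicrosoft.com",
    "NameSpaceType": "Managed", "DomainName": "example.onmicrosoft.com",
    "FederationBrandName": "Example Corp", "CloudInstanceName": "microsoftonline.com",
})
SAMPLE_FEDERATED = json.dumps({
    "State": 3, "UserState": 2, "Login": "example.test",
    "NameSpaceType": "Federated", "DomainName": "example.test",
    "FederationBrandName": "Example Corp", "AuthURL": "https://adfs.example.test/adfs/ls/",
})
SAMPLE_UNKNOWN = json.dumps({"State": 4, "UserState": 1, "Login": "nobody.invalid", "NameSpaceType": "Unknown"})


def fetch_user_realm(domain: str, timeout: int = 10) -> dict:
    """Issue the unauthenticated realm query for <domain> (login=<domain>, as in the post) and parse the JSON reply."""
    query = urllib.parse.urlencode({"login": domain, "json": "1"})
    with urllib.request.urlopen(f"{REALM_URL}?{query}", timeout=timeout) as resp:
        return json.loads(resp.read().decode("utf-8"))


def summarize_realm(realm: dict) -> dict:
    """Reduce a realm response to what it actually discloses to an anonymous caller."""
    namespace = realm.get("NameSpaceType", "Unknown")
    return {
        "domain": realm.get("DomainName"),
        # Only Managed/Federated mean a tenant exists for the domain; Unknown means no tenant claims it.
        "tenant_exists": namespace in ("Managed", "Federated"),
        "auth": namespace,                      # Managed = cloud-only sign-in, Federated = on-prem IdP
        "brand": realm.get("FederationBrandName"),  # organisation display name, if set
        "federation_url": realm.get("AuthURL"),     # only present for federated domains
    }


def summarize_json(raw: str) -> dict:
    """Convenience wrapper for a raw JSON body, used offline in the checks below."""
    return summarize_realm(json.loads(raw))


if __name__ == "__main__":
    # Offline demonstration on the constructed samples; replace with fetch_user_realm("<your-domain>") to query your own tenant.
    for raw in (SAMPLE_MANAGED, SAMPLE_FEDERATED, SAMPLE_UNKNOWN):
        print(summarize_json(raw))
```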

Set-ExecutionPolicy bypass
Import-Module .\AADInternals.psd1…
