we are the experts

The following outlines a list of software that have been developed in cloud security auditing for optimizing security in Google Cloud platforms. A list of solutions is presented with their respective github descriptions.

1. ROADtools

we are the experts

ROADtools is a framework to interact with Azure AD

ROADrecon is a tool for exploring information in Azure AD from both a Red Team and Blue Team perspective. In short, this is what it does:

  • Uses an automatically generated metadata model to create an SQLAlchemy backed database on disk.
  • Use asynchronous HTTP calls in Python to dump all available information in the Azure AD graph to this database.
  • Provide plugins to query this database and output it to a useful format.
  • Provide an extensive interface built in Angular that queries the offline database directly for its analysis.

Detailed information and setup information: https://github.com/dirkjanm/ROADtools

2. MicroBurst

we are the experts

MicroBurst: A PowerShell Toolkit for Attacking Azure

MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. It is intended to be used during penetration tests where Azure is in use.

Detailed information and setup information: https://github.com/NetSPI/MicroBurst

3. Scout Suite

we are the experts

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically.

Detailed information and setup information: https://github.com/nccgroup/ScoutSuite

4. PowerZure

we are the experts

PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources.

Detailed information and setup information: https://github.com/hausec/PowerZure

5. Azurite

we are the experts

Azurite - Azurite Explorer and Azurite Visualizer

Azurite was developed to assist penetration testers and auditors during the enumeration and reconnaissance activities within the Microsoft Azure public Cloud environment. It consists of two helper scripts: Azurite Explorer and Azurite Visualizer. The scripts are used to collect, passively, verbose information of the main components within a deployment to be reviewed offline, and visualize the association between the resources using an interactive representation. One of the main features of the visual representation is to provide a quick way to identify insecure Network Security Groups (NSGs) in a subnet or Virtual Machine configuration.

Detailed information and setup information: https://github.com/FSecureLABS/Azurite

6. Stormspotter

we are the experts

Stormspotter creates an “attack graph” of the resources in an Azure subscription. It enables red teams and pen testers to visualize the attack surface and pivot opportunities within a tenant, and supercharges your defenders to quickly orient and prioritize incident response work.

Detailed information and setup information: https://github.com/Azure/Stormspotter

7. Azucar

we are the experts

Azucar is a multi-threaded plugin-based tool to help you assess the security of your Azure Cloud environment.

Detailed information and setup information: https://github.com/nccgroup/azucar

8. Blobhunter

we are the experts

BlobHunter helps you identify Azure blob storage containers which store files that are publicly available to anyone with an internet connection.

The tool will help mitigate risk by identifying poorly configured containers that store sensitive data, which is specifically helpful in larger scale Azure subscriptions where there are a significant number of storage accounts that could be hard to track.

Detailed information and setup information: https://github.com/cyberark/blobhunter

© 2022 SafeKeep.