VK9 Security

[Authenticated][Information Gathering] Manual Azure Active Directory enumeration using AzureAD Powershell Module

by | Apr 8, 2024 | Cloud, Cloud Enumeration, Red Team | 0 comments

Table of Contents

Description

Azure Active Directory PowerShell for Graph (Azure AD PowerShell) is a module IT Pros commonly use to manage their Azure Active Directory. The cmdlets in the Azure AD PowerShell module enable you to retrieve data from the directory, create new objects in the directory, update existing objects, remove objects, as well as configure the directory and its features.

Requirements

Authenticated account

Installation

1. In order to install AzureAD run this command

  • Install-Module -Name AzureAD -Scope CurrentUser -Repository PSGallery -Force

2. List the module’s cmdlets

  • Get-Command -Module AzureAD

3. Display cmdlet help

  • Get-Help Connect-AzureAD -Detailed
  • Get-Help <cmdlet name> -Examples
  • Get-Help <cmdlet name> -Full

Enumeration

1. Connect to the Cloud

  • Connect-AzureAD

Get-AzureADDomain

The Get-AzureADDomain cmdlet gets a domain in Azure Active Directory (AD).

  • Get-AzureADDomain

Get-AzureADUser

The Get-AzureADUser cmdlet gets a user from Azure Active Directory (AD).

  • Get-AzureADUser
  • Get-AzureADUser -Filter <String>

Get-AzureADGroup

The Get-AzureADGroup cmdlet gets a group in Azure Active Directory (AD).

  • Get-AzureADGroup

Get-AzureADDirectoryRole

The Get-AzureADDirectoryRole cmdlet gets a directory role from Azure Active Directory (AD).

  • Get-AzureADDirectoryRole

Get-AzureADDirectoryRoleMember

The Get-AzureADDirectoryRoleMember cmdlet gets the members of a directory role in Azure Active Directory (AD).

  • Get-AzureADDirectoryRoleMember -ObjectId “<object-id>”

Get-AzureADApplication

The Get-AzureADApplication cmdlet gets an Azure Active Directory application.

  • Get-AzureADApplication

Get-AzureADApplicationOwner

The Get-AzureADApplicationOwner cmdlet get an owner of an Azure Active Directory application. Using the object-id of the application (Get-AzureADApplication)

  • Get-AzureADApplicationOwner -ObjectId “<object-id>”

Get-AzureADApplicationPasswordCredential

The Get-AzureADApplicationPasswordCredential cmdlet gets the password credentials for an Azure Active Directory application. Using the object-id of the application (Get-AzureADApplication)

  • Get-AzureADApplicationPasswordCredential -ObjectId “<object-id>”

References

https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureaduser?view=azureadps-2.0

https://docs.microsoft.com/en-us/powershell/module/azuread

468

Submit a Comment