diff --git a/src/AppContainer.jsx b/src/AppContainer.jsx
index 06959d42f..b620d5f94 100644
--- a/src/AppContainer.jsx
+++ b/src/AppContainer.jsx
@@ -38,12 +38,20 @@ const fullEdgeList = [
 'SQLAdmin',
 'HasSIDHistory',
 'AZAddMembers',
+ 'AZAddSecret',
+ 'AZAvereContributor',
 'AZContains',
 'AZContributor',
+ 'AZExecuteCommand',
 'AZGetCertificates',
 'AZGetKeys',
 'AZGetSecrets',
 'AZGlobalAdmin',
+ 'AZGrant',
+ 'AZGrantSelf',
+ 'AZHasRole',
+ 'AZMemberOf',
+ 'AZOwner',
 'AZOwns',
 'AZPrivilegedRoleAdmin',
 'AZResetPassword',
@@ -52,6 +60,7 @@ const fullEdgeList = [
 'AZCloudAppAdmin',
 'AZRunsAs',
 'AZKeyVaultContributor',
+ 'AZVMAdminLogin',
 'Contains',
 'GPLink',
 'AllExtendedRights',
diff --git a/src/components/Modals/HelpModal.jsx b/src/components/Modals/HelpModal.jsx
index c49d82b4e..99c242795 100644
--- a/src/components/Modals/HelpModal.jsx
+++ b/src/components/Modals/HelpModal.jsx
@@ -29,11 +29,19 @@ import HasSIDHistory from './HelpTexts/HasSIDHistory/HasSIDHistory';
 import TrustedBy from './HelpTexts/TrustedBy/TrustedBy';
 import CanPSRemote from './HelpTexts/CanPSRemote/CanPSRemote';
 import AZAddMembers from './HelpTexts/AZAddMembers/AZAddMembers';
+import AZAddSecret from './HelpTexts/AZAddSecret/AZAddSecret';
+import AZAvereContributor from './HelpTexts/AZAvereContributor/AZAvereContributor';
 import AZContains from './HelpTexts/AZContains/AZContains';
 import AZContributor from './HelpTexts/AZContributor/AZContributor';
+import AZExecuteCommand from './HelpTexts/AZExecuteCommand/AZExecuteCommand';
 import AZGetCertificates from './HelpTexts/AZGetCertificates/AZGetCertificates';
 import AZGetKeys from './HelpTexts/AZGetKeys/AZGetKeys';
 import AZGetSecrets from './HelpTexts/AZGetSecrets/AZGetSecrets';
+import AZGrant from './HelpTexts/AZGrant/AZGrant';
+import AZGrantSelf from './HelpTexts/AZGrantSelf/AZGrantSelf';
+import AZHasRole from './HelpTexts/AZHasRole/AZHasRole';
+import AZMemberOf from './HelpTexts/AZMemberOf/AZMemberOf';
+import AZOwner from './HelpTexts/AZOwner/AZOwner';
 import AZOwns from './HelpTexts/AZOwns/AZOwns';
 import AZPrivilegedRoleAdmin from './HelpTexts/AZPrivilegedRoleAdmin/AZPrivilegedRoleAdmin';
 import AZResetPassword from './HelpTexts/AZResetPassword/AZResetPassword';
@@ -42,6 +50,7 @@ import AZGlobalAdmin from './HelpTexts/AZGlobalAdmin/AZGlobalAdmin';
 import AZAppAdmin from './HelpTexts/AZAppAdmin/AZAppAdmin';
 import AZCloudAppAdmin from './HelpTexts/AZCloudAppAdmin/AZCloudAppAdmin';
 import AZRunsAs from './HelpTexts/AZRunsAs/AZRunsAs';
+import AZVMAdminLogin from './HelpTexts/AZVMAdminLogin/AZVMAdminLogin';
 import AZVMContributor from './HelpTexts/AZVMContributor/AZVMContributor';
 import Default from './HelpTexts/Default/Default';
 import WriteSPN from "./HelpTexts/WriteSPN/WriteSPN";
@@ -113,11 +122,19 @@ const HelpModal = () => {
 TrustedBy: TrustedBy,
 CanPSRemote: CanPSRemote,
 AZAddMembers: AZAddMembers,
+ AZAddSecret: AZAddSecret,
+ AZAvereContributor: AZAvereContributor,
 AZContains: AZContains,
 AZContributor: AZContributor,
+ AZExecuteCommand: AZExecuteCommand,
 AZGetCertificates: AZGetCertificates,
 AZGetKeys: AZGetKeys,
 AZGetSecrets: AZGetSecrets,
+ AZGrant: AZGrant,
+ AZGrantSelf: AZGrantSelf,
+ AZHasRole: AZHasRole,
+ AZMemberOf: AZMemberOf,
+ AZOwner: AZOwner,
 AZOwns: AZOwns,
 AZPrivilegedRoleAdmin: AZPrivilegedRoleAdmin,
 AZResetPassword: AZResetPassword,
@@ -126,6 +143,7 @@ const HelpModal = () => {
 AZAppAdmin: AZAppAdmin,
 AZCloudAppAdmin: AZCloudAppAdmin,
 AZRunsAs: AZRunsAs,
+ AZVMAdminLogin: AZVMAdminLogin,
 AZVMContributor: AZVMContributor,
 WriteSPN: WriteSPN,
 AddSelf: AddSelf,
diff --git a/src/components/Modals/HelpTexts/AZAddSecret/AZAddSecret.jsx b/src/components/Modals/HelpTexts/AZAddSecret/AZAddSecret.jsx
new file mode 100644
index 000000000..955b7bb96
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAddSecret/AZAddSecret.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZAddSecret = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZAddSecret.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZAddSecret;
diff --git a/src/components/Modals/HelpTexts/AZAddSecret/Abuse.jsx b/src/components/Modals/HelpTexts/AZAddSecret/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAddSecret/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZAddSecret/General.jsx b/src/components/Modals/HelpTexts/AZAddSecret/General.jsx
new file mode 100644
index 000000000..1e94b5c1f
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAddSecret/General.jsx
@@ -0,0 +1,11 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = `Azure provides several systems and mechanisms for granting control of securable objects within Azure Active Directory, including tenant-scoped admin roles, object-scoped admin roles, explicit object ownership, and API permissions.
+
+ When a principal has been granted "Cloud App Admin" or "App Admin" against the tenant, that principal gains the ability to add new secrets to all Service Principals and App Registrations. Additionally, a principal that has been granted "Cloud App Admin" or "App Admin" against, or explicit ownership of a Service Principal or App Registration gains the ability to add secrets to that particular object.
+ `;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZAddSecret/Opsec.jsx b/src/components/Modals/HelpTexts/AZAddSecret/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAddSecret/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZAddSecret/References.jsx b/src/components/Modals/HelpTexts/AZAddSecret/References.jsx
new file mode 100644
index 000000000..a7992972d
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAddSecret/References.jsx
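Review bot: `Abuse` returns an empty template in AZAddSecret/Abuse.jsx, so the Abuse tab for this edge renders blank even though the edge is now listed in `fullEdgeList` and mapped in HelpModal. The same empty `let text = ``;` appears in AZAddSecret/Opsec.jsx, in the General, Abuse and Opsec files of AZExecuteCommand, AZGrant, AZGrantSelf and AZHasRole, in all four AZMemberOf files, in the Abuse files of AZAvereContributor, AZOwner and AZVMAdminLogin, and in AZVMAdminLogin/Opsec.jsx. If the text is still to be written, record that in the file, for example `// TODO: help text pending` above `let text`, so a blank tab is not mistaken for "nothing to report". For the Opsec tabs in particular, one sentence on what Azure logs for the action would match the AZAvereContributor Opsec text added in this same commit.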
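Review bot: `groupSpecialFormat` is imported at the top of AZAddSecret/General.jsx but never used, and none of `sourceName`, `sourceType`, `targetName`, `targetType` is read; the same unused import is in the General.jsx of AZExecuteCommand, AZGrant, AZGrantSelf, AZHasRole, AZMemberOf and AZVMAdminLogin. Drop the import until the text needs it. The function returns `{ __html: text }`, the shape React inserts as raw HTML, so any later interpolation of `sourceName` or `targetName` into the template should pass through an HTML-escaping helper first; those names presumably come from ingested tenant data and could carry markup. A comment such as `// text is rendered as raw HTML: escape node names before interpolating them` above `let text` would record that for whoever fills in the template.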
@@ -0,0 +1,8 @@
+const References = () => {
+ let text = `ATT&CK T1098: Account Manipulation
+ Andy Robbins - Azure Privilege Escalation via Service Principal Abuse
+ Assign Azure AD roles at different scopes`;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZAvereContributor/AZAvereContributor.jsx b/src/components/Modals/HelpTexts/AZAvereContributor/AZAvereContributor.jsx
new file mode 100644
index 000000000..e8c152e5f
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAvereContributor/AZAvereContributor.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZAvereContributor = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZAvereContributor.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZAvereContributor;
diff --git a/src/components/Modals/HelpTexts/AZAvereContributor/Abuse.jsx b/src/components/Modals/HelpTexts/AZAvereContributor/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAvereContributor/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZAvereContributor/General.jsx b/src/components/Modals/HelpTexts/AZAvereContributor/General.jsx
new file mode 100644
index 000000000..dc19cd1df
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAvereContributor/General.jsx
@@ -0,0 +1,6 @@
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = `Any principal granted the Avere Contributor role, scoped to the affected VM, can reset the built-in administrator password on the VM.`;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZAvereContributor/Opsec.jsx b/src/components/Modals/HelpTexts/AZAvereContributor/Opsec.jsx
new file mode 100644
index 000000000..6e17529d0
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAvereContributor/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = `Azure will log each password reset event, including who performed the reset, against which account, and at what date and time.`;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZAvereContributor/References.jsx b/src/components/Modals/HelpTexts/AZAvereContributor/References.jsx
new file mode 100644
index 000000000..a3816a565
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZAvereContributor/References.jsx
@@ -0,0 +1,8 @@
+const References = () => {
+ let text = `ATT&CK T0008: Lateral Movement
+ ATT&CK T1021: Remote Services
+ Microsoft Docs - Avere Contributor`;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZExecuteCommand/AZExecuteCommand.jsx b/src/components/Modals/HelpTexts/AZExecuteCommand/AZExecuteCommand.jsx
new file mode 100644
index 000000000..8ae1ec3cb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZExecuteCommand/AZExecuteCommand.jsx
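Review bot: The first reference label in AZAvereContributor/References.jsx reads `ATT&CK T0008: Lateral Movement`, but Lateral Movement is an ATT&CK tactic whose ID is TA0008, not a technique; `T0008` is not in the same ID series as the `T1021` technique on the next line. Change the label to `ATT&CK TA0008: Lateral Movement` and confirm that the link target, which is not visible in this view, points at the tactic page. AZVMAdminLogin/References.jsx carries the same label and needs the same correction.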
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZExecuteCommand = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZExecuteCommand.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZExecuteCommand;
diff --git a/src/components/Modals/HelpTexts/AZExecuteCommand/Abuse.jsx b/src/components/Modals/HelpTexts/AZExecuteCommand/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZExecuteCommand/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZExecuteCommand/General.jsx b/src/components/Modals/HelpTexts/AZExecuteCommand/General.jsx
new file mode 100644
index 000000000..cca3221fb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZExecuteCommand/General.jsx
@@ -0,0 +1,8 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZExecuteCommand/Opsec.jsx b/src/components/Modals/HelpTexts/AZExecuteCommand/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZExecuteCommand/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZExecuteCommand/References.jsx b/src/components/Modals/HelpTexts/AZExecuteCommand/References.jsx
new file mode 100644
index 000000000..5aed5a6bb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZExecuteCommand/References.jsx
@@ -0,0 +1,8 @@
+const References = () => {
+ let text = `
+ MITRE: Execution
+ Attacking Azure with custom script extensions`;
+ return { __html: text };
+};
+
+export default References;
\ No newline at end of file
diff --git a/src/components/Modals/HelpTexts/AZGrant/AZGrant.jsx b/src/components/Modals/HelpTexts/AZGrant/AZGrant.jsx
new file mode 100644
index 000000000..224a7ac45
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrant/AZGrant.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZGrant = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZGrant.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZGrant;
diff --git a/src/components/Modals/HelpTexts/AZGrant/Abuse.jsx b/src/components/Modals/HelpTexts/AZGrant/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrant/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZGrant/General.jsx b/src/components/Modals/HelpTexts/AZGrant/General.jsx
new file mode 100644
index 000000000..cca3221fb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrant/General.jsx
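Review bot: The label `MITRE: Execution` in AZExecuteCommand/References.jsx omits the ATT&CK ID that the other References tabs in this commit give (for example `ATT&CK T1098: Account Manipulation`). Execution is tactic TA0002, so `ATT&CK TA0002: Execution` would be consistent with its siblings. The file also ends without a trailing newline, as does AZGrantSelf/AZGrantSelf.jsx.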
@@ -0,0 +1,8 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZGrant/Opsec.jsx b/src/components/Modals/HelpTexts/AZGrant/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrant/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZGrant/References.jsx b/src/components/Modals/HelpTexts/AZGrant/References.jsx
new file mode 100644
index 000000000..0ec036f55
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrant/References.jsx
@@ -0,0 +1,10 @@
+const References = () => {
+ let text = `
+ ATT&CK T1098: Account Manipulation
+ Andy Robbins - Azure Privilege Escalation via Azure API Permissions Abuse
+ Microsoft Graph Permission Reference`
+ ;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZGrantSelf/AZGrantSelf.jsx b/src/components/Modals/HelpTexts/AZGrantSelf/AZGrantSelf.jsx
new file mode 100644
index 000000000..5a074b203
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrantSelf/AZGrantSelf.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZGrantSelf = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZGrantSelf.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZGrantSelf;
\ No newline at end of file
diff --git a/src/components/Modals/HelpTexts/AZGrantSelf/Abuse.jsx b/src/components/Modals/HelpTexts/AZGrantSelf/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrantSelf/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZGrantSelf/General.jsx b/src/components/Modals/HelpTexts/AZGrantSelf/General.jsx
new file mode 100644
index 000000000..cca3221fb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrantSelf/General.jsx
@@ -0,0 +1,8 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZGrantSelf/Opsec.jsx b/src/components/Modals/HelpTexts/AZGrantSelf/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrantSelf/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZGrantSelf/References.jsx b/src/components/Modals/HelpTexts/AZGrantSelf/References.jsx
new file mode 100644
index 000000000..bde9a9e78
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZGrantSelf/References.jsx
@@ -0,0 +1,10 @@
+const References = () => {
+ let text = `
+ ATT&CK T1098: Account Manipulation
+ Andy Robbins - Azure Privilege Escalation via Azure API Permissions Abuse
+ Microsoft Graph Permission Reference`
+ ;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZHasRole/AZHasRole.jsx b/src/components/Modals/HelpTexts/AZHasRole/AZHasRole.jsx
new file mode 100644
index 000000000..159bd1c3b
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZHasRole/AZHasRole.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZHasRole = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZHasRole.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZHasRole;
diff --git a/src/components/Modals/HelpTexts/AZHasRole/Abuse.jsx b/src/components/Modals/HelpTexts/AZHasRole/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZHasRole/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZHasRole/General.jsx b/src/components/Modals/HelpTexts/AZHasRole/General.jsx
new file mode 100644
index 000000000..cca3221fb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZHasRole/General.jsx
@@ -0,0 +1,8 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZHasRole/Opsec.jsx b/src/components/Modals/HelpTexts/AZHasRole/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZHasRole/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZHasRole/References.jsx b/src/components/Modals/HelpTexts/AZHasRole/References.jsx
new file mode 100644
index 000000000..ca59f70d9
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZHasRole/References.jsx
@@ -0,0 +1,7 @@
+const References = () => {
+ let text = `Microsoft Graph Permission Reference
+ Azure role-based access control`;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZMemberOf/AZMemberOf.jsx b/src/components/Modals/HelpTexts/AZMemberOf/AZMemberOf.jsx
new file mode 100644
index 000000000..7a4410a42
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZMemberOf/AZMemberOf.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZMemberOf = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZMemberOf.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZMemberOf;
diff --git a/src/components/Modals/HelpTexts/AZMemberOf/Abuse.jsx b/src/components/Modals/HelpTexts/AZMemberOf/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZMemberOf/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZMemberOf/General.jsx b/src/components/Modals/HelpTexts/AZMemberOf/General.jsx
new file mode 100644
index 000000000..cca3221fb
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZMemberOf/General.jsx
@@ -0,0 +1,8 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZMemberOf/Opsec.jsx b/src/components/Modals/HelpTexts/AZMemberOf/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZMemberOf/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZMemberOf/References.jsx b/src/components/Modals/HelpTexts/AZMemberOf/References.jsx
new file mode 100644
index 000000000..0ba1ec61d
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZMemberOf/References.jsx
@@ -0,0 +1,6 @@
+const References = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZOwner/AZOwner.jsx b/src/components/Modals/HelpTexts/AZOwner/AZOwner.jsx
new file mode 100644
index 000000000..a46063434
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZOwner/AZOwner.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZOwner = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZOwner.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZOwner;
diff --git a/src/components/Modals/HelpTexts/AZOwner/Abuse.jsx b/src/components/Modals/HelpTexts/AZOwner/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZOwner/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZOwner/General.jsx b/src/components/Modals/HelpTexts/AZOwner/General.jsx
new file mode 100644
index 000000000..6d3d37d73
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZOwner/General.jsx
@@ -0,0 +1,6 @@
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = `Object ownership means almost all abuses are possible against the target object.`;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZOwner/Opsec.jsx b/src/components/Modals/HelpTexts/AZOwner/Opsec.jsx
new file mode 100644
index 000000000..79603dbcd
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZOwner/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = `This depends on which abuse you perform, but in general Azure will create a log for each abuse action.`;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZOwner/References.jsx b/src/components/Modals/HelpTexts/AZOwner/References.jsx
new file mode 100644
index 000000000..9418f1a27
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZOwner/References.jsx
@@ -0,0 +1,7 @@
+const References = () => {
+ let text = `Attacking Azure with custom script extensions
+ Azure role-based access control - Owner`;
+ return { __html: text };
+};
+
+export default References;
diff --git a/src/components/Modals/HelpTexts/AZOwns/References.jsx b/src/components/Modals/HelpTexts/AZOwns/References.jsx
index cf72d55bb..dcee0a930 100644
--- a/src/components/Modals/HelpTexts/AZOwns/References.jsx
+++ b/src/components/Modals/HelpTexts/AZOwns/References.jsx
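Review bot: The General text in AZOwner/General.jsx speaks of object ownership, which is what the existing AZOwns edge describes, while this directory's References tab cites "Azure role-based access control - Owner"; the wording looks carried over and may describe the wrong relationship. If AZOwner is meant to represent an Owner role assignment, say so in the template, for example `A principal granted the Owner role on a resource has full control of that resource, including assigning roles on it to other principals.` The Opsec text beside it ("depends on which abuse you perform") could then name the log a defender should look at for role assignment changes instead of staying generic.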
@@ -1,5 +1,5 @@
 const References = () => {
- let text = `https://blog.netspi.com/attacking-azure-with-custom-script-extensions/`;
+ let text = `Attacking Azure with custom script extensions`;
 return { __html: text };
 };
 
diff --git a/src/components/Modals/HelpTexts/AZVMAdminLogin/AZVMAdminLogin.jsx b/src/components/Modals/HelpTexts/AZVMAdminLogin/AZVMAdminLogin.jsx
new file mode 100644
index 000000000..2c8dea7ac
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZVMAdminLogin/AZVMAdminLogin.jsx
@@ -0,0 +1,57 @@
+import React from 'react';
+import PropTypes from 'prop-types';
+import { Tabs, Tab } from 'react-bootstrap';
+import General from './General';
+import Abuse from './Abuse';
+import Opsec from './Opsec';
+import References from './References';
+
+const AZVMAdminLogin = ({
+ sourceName,
+ sourceType,
+ targetName,
+ targetType,
+}) => {
+ return (
+
+
+
+
+
+
+ );
+};
+
+AZVMAdminLogin.propTypes = {
+ sourceName: PropTypes.string,
+ sourceType: PropTypes.string,
+ targetName: PropTypes.string,
+ targetType: PropTypes.string,
+};
+export default AZVMAdminLogin;
diff --git a/src/components/Modals/HelpTexts/AZVMAdminLogin/Abuse.jsx b/src/components/Modals/HelpTexts/AZVMAdminLogin/Abuse.jsx
new file mode 100644
index 000000000..fd14ebff8
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZVMAdminLogin/Abuse.jsx
@@ -0,0 +1,6 @@
+const Abuse = (sourceName, sourceType, targetName, targetType) => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Abuse;
diff --git a/src/components/Modals/HelpTexts/AZVMAdminLogin/General.jsx b/src/components/Modals/HelpTexts/AZVMAdminLogin/General.jsx
new file mode 100644
index 000000000..6a74aed8e
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZVMAdminLogin/General.jsx
@@ -0,0 +1,10 @@
+import { groupSpecialFormat} from '../Formatter';
+
+const General = (sourceName, sourceType, targetName, targetType) => {
+ let text = `When a virtual machine is configured to allow logon with Azure AD credentials, the VM automatically has certain principals added to its local administrators group, including any principal granted the Virtual Machine Administrator Login (or "VMAL") admin role.
+
+ Any principal granted this role, scoped to the affected VM, can connect to the VM via RDP and will be granted local admin rights on the VM.`;
+ return { __html: text };
+};
+
+export default General;
diff --git a/src/components/Modals/HelpTexts/AZVMAdminLogin/Opsec.jsx b/src/components/Modals/HelpTexts/AZVMAdminLogin/Opsec.jsx
new file mode 100644
index 000000000..b4cf80462
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZVMAdminLogin/Opsec.jsx
@@ -0,0 +1,6 @@
+const Opsec = () => {
+ let text = ``;
+ return { __html: text };
+};
+
+export default Opsec;
diff --git a/src/components/Modals/HelpTexts/AZVMAdminLogin/References.jsx b/src/components/Modals/HelpTexts/AZVMAdminLogin/References.jsx
new file mode 100644
index 000000000..d2e8aed4e
--- /dev/null
+++ b/src/components/Modals/HelpTexts/AZVMAdminLogin/References.jsx
@@ -0,0 +1,8 @@
+const References = () => {
+ let text = `ATT&CK T0008: Lateral Movement
+ ATT&CK T1021: Remote Services
+ Login to Windows virtual machine in Azure using Azure Active Directory authentication`;
+ return { __html: text };
+};
+
+export default References;