-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy patharmRecon.ps1
99 lines (85 loc) · 3.75 KB
/
armRecon.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# Windows Azure ARM Subscription Reconnaissance Script
# (C) 2018 Matt Burrough
# v1.0
# Requires the Azure PowerShell cmdlets be installed.
# See https://github.com/Azure/azure-powershell/ for details.
# Before running the script:
# * Run: Import-Module Azure
# * Authenticate to Azure in PowerShell
# * You may also need to run: Set-ExecutionPolicy -Scope Process Unrestricted
# Show details of the current Azure subscription
Write-Output (" Subscription ","==============")
Write-Output ("Get-AzureRmContext")
$context = Get-AzureRmContext
$context
$context.Account
$context.Tenant
$context.Subscription
Write-Output ("Get-AzureRmRoleAssignment")
Get-AzureRmRoleAssignment
Write-Output ("", " Resources ","===========")
# Show the subscription's resource groups and a list of all of its resources
Write-Output ("Get-AzureRmResourceGroup")
Get-AzureRmResourceGroup | Format-Table ResourceGroupName,Location,ProvisioningState
Write-Output ("Get-AzureRmResource")
Get-AzureRmResource | Format-Table Name,ResourceType,ResourceGroupName
# Display Web Apps
Write-Output ("", " Web Apps ","==========")
Write-Output ("Get-AzureRmWebApp")
Get-AzureRmWebApp
# List Virtual Machines
Write-Output ("", " VMs ","=====")
$vms = Get-AzureRmVM
Write-Output ("Get-AzureRmVM")
$vms
foreach ($vm in $vms)
{
Write-Output ("Get-AzureRmVM -ResourceGroupName " + $vm.ResourceGroupName + "-Name " + $vm.Name)
Get-AzureRmVM -ResourceGroupName $vm.ResourceGroupName -Name $vm.Name
Write-Output ("HardwareProfile:")
$vm.HardwareProfile
Write-Output ("OSProfile:")
$vm.OSProfile
Write-Output ("ImageReference:")
$vm.StorageProfile.ImageReference
}
# Show Azure Storage
Write-Output ("", " Storage ","=========")
$SAs = Get-AzureRmStorageAccount
Write-Output ("Get-AzureRmStorageAccount")
$SAs
foreach ($sa in $SAs)
{
Write-Output ("Get-AzureRmStorageAccountKey -ResourceGroupName " + $sa.ResourceGroupName + " -StorageAccountName" + $sa.StorageAccountName)
Get-AzureRmStorageAccountKey -ResourceGroupName $sa.ResourceGroupName -StorageAccountName $sa.StorageAccountName
}
# Get Networking Settings
Write-Output ("", " Networking ","============")
Write-Output ("Get-AzureRmNetworkInterface")
Get-AzureRmNetworkInterface
Write-Output ("Get-AzureRmPublicIpAddress")
Get-AzureRmPublicIpAddress
# NSGs
Write-Output ("", " NSGs ","======")
foreach ($vm in $vms)
{
$ni = Get-AzureRmNetworkInterface | where { $_.Id -eq $vm.NetworkInterfaceIDs }
Write-Output ("Get-AzureRmNetworkSecurityGroup for " + $vm.Name + ":")
Get-AzureRmNetworkSecurityGroup | where { $_.Id -eq $ni.NetworkSecurityGroup.Id }
}
# Show the SQL Info
Write-Output ("", " SQL ","=====")
foreach ($rg in Get-AzureRmResourceGroup)
{
foreach($ss in Get-AzureRmSqlServer -ResourceGroupName $rg.ResourceGroupName)
{
Write-Output ("Get-AzureRmSqlServer -ServerName" + $ss.ServerName + " -ResourceGroupName " + $rg.ResourceGroupName)
Get-AzureRmSqlServer -ServerName $ss.ServerName -ResourceGroupName $rg.ResourceGroupName
Write-Output ("Get-AzureRmSqlDatabase -ServerName" + $ss.ServerName + " -ResourceGroupName " + $rg.ResourceGroupName)
Get-AzureRmSqlDatabase -ServerName $ss.ServerName -ResourceGroupName $rg.ResourceGroupName
Write-Output ("Get-AzureRmSqlServerFirewallRule -ServerName" + $ss.ServerName + " -ResourceGroupName " + $rg.ResourceGroupName)
Get-AzureRmSqlServerFirewallRule -ServerName $ss.ServerName -ResourceGroupName $rg.ResourceGroupName
Write-Output ("Get-AzureRmSqlServerThreatDetectionPolicy -ServerName" + $ss.ServerName + " -ResourceGroupName " + $rg.ResourceGroupName)
Get-AzureRmSqlServerThreatDetectionPolicy -ServerName $ss.ServerName -ResourceGroupName $rg.ResourceGroupName
}
}