Azure Security Assessment Tools : Installation and usuage

Enhancing security on Azure is a critical task that requires the right set of tools. This blog post provides a comprehensive guide on installing and using some of the most effective Azure security tools available.

1. MicroBurst Installation:

git clone https://github.com/NetSPI/MicroBurst.git
Import-Module ./MicroBurst/MicroBurst.psd1

Usage: Navigate to the MicroBurst directory and execute scripts based on your requirements.

2. Lava Installation:

# Assuming Lava is a Python-based tool
pip install lava-tool

Usage:

lava --scan --target azure_subscription_id

3. Koboko Installation:

# If Koboko is hosted on a Git repository
git clone https://github.com/company/koboko.git
cd koboko
./install.sh

Usage:

koboko --target-url <target azure service>

4. PowerZure Installation:

git clone https://github.com/hausec/PowerZure.git
Import-Module ./PowerZure/PowerZure.ps1

Usage:

Invoke-PowerZureFunction -FunctionName

5. Stormspotter Installation:

git clone https://github.com/Azure/Stormspotter.git
cd Stormspotter
python setup.py install

Usage:

stormspotter --collect

6. BloodHound Installation:

# For Neo4j
wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
sudo add-apt-repository "deb https://debian.neo4j.com stable 4.0"
sudo apt-get update
sudo apt-get install neo4j
# For BloodHound
git clone https://github.com/BloodHoundAD/BloodHound.git
cd BloodHound
npm install
npm run linuxbuild

Usage:

neo4j console
# Open BloodHound with the interface

7. cloud_enum Installation:

git clone https://github.com/initstring/cloud_enum.git
cd cloud_enum
pip install -r requirements.txt

Usage:

python cloud_enum.py --keyword companyname

8. AADInternals Installation:

Install-Module -Name AADInternals

Usage:

Connect-AADInt

9. ScoutSuite Installation:

pip install scoutsuite

Usage:

scout azure --cli

10. Prowler Installation:

git clone https://github.com/toniblyx/prowler.git
cd prowler

Usage:

./prowler -g group_name

11. Roadtools Installation:

pip install roadtools roadrecon

Usage:

roadrecon

Conclusion: Following the installation and usage instructions for each tool will help enhance your Azure environment's security. Remember, it's crucial to keep these tools up to date and run them regularly to maintain a strong security posture.

PreviousAzure Security : Components and Assessment Guide NextIdentity and Access Management

Last updated 1 year ago

Was this helpful?

# For Neo4j wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add - sudo add-apt-repository "deb https://debian.neo4j.com stable 4.0" sudo apt-get update sudo apt-get install neo4j # For BloodHound git clone https://github.com/BloodHoundAD/BloodHound.git cd BloodHound npm install npm run linuxbuild