
Commit c80dbcf

authored
Update az-azuread.md
1 parent a35642f commit c80dbcf


1 file changed

+170
-1
lines changed


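--- a/src/pentesting-cloud/azure-security/az-services/az-azuread.md
+++ b/src/pentesting-cloud/azure-security/az-services/az-azuread.md
@@ -149,6 +149,34 @@ curl "$IDENTITY_ENDPOINT?resource=https://management.azure.com&api-version=2017-
 curl "$IDENTITY_ENDPOINT?resource=https://vault.azure.net&api-version=2017-09-01" -H secret:$IDENTITY_HEADER
 ```
 
+{{#endtab }}
+{{#tab name="MS Graph" }}
+
+```powershellGet-MgTenantRelationshipDelegatedAdminCustomer
+# Install the Microsoft Graph PowerShell module if not already installed
+Install-Module Microsoft.Graph -Scope CurrentUser
+
+# Import the module
+Import-Module Microsoft.Graph
+
+# Login to Microsoft Graph
+Connect-MgGraph -Scopes "User.Read.All", "Group.Read.All", "Directory.Read.All"
+
+# Enumerate available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph*
+
+# Example: List users
+Get-MgUser -All
+
+# Example: List groups
+Get-MgGroup -All
+
+# Example: Get roles assigned to a user
+Get-MgUserAppRoleAssignment -UserId <UserId>
+
+# Disconnect from Microsoft Graph
+Disconnect-MgGraph
+```
 {{#endtab }}
 
 {{#tab name="Azure AD" }}
@@ -266,6 +294,35 @@ curl -X GET "https://graph.microsoft.com/beta/roleManagement/directory/roleDefin
 
 {{#endtab }}
 
+{{#tab name="MS Graph" }}
+
+```powershell
+# Enumerate users using Microsoft Graph PowerShell
+Get-MgUser -All
+
+# Get user details
+Get-MgUser -UserId "[email protected]" | Format-List *
+
+# Search "admin" users
+Get-MgUser -All | Where-Object { $_.DisplayName -like "*test*" } | Select-Object DisplayName
+
+# Search attributes containing the word "password"
+Get-MgUser -All | Where-Object { $_.AdditionalProperties.PSObject.Properties.Name -contains "password" }
+
+# All users from Entra ID
+Get-MgUser -Filter "startswith(userPrincipalName, 't')" -All | Select-Object DisplayName, UserPrincipalName
+
+# Get groups where the user is a member
+Get-MgUserMemberOf -UserId <UserId>
+
+# Get roles assigned to the user in Entra ID
+Get-MgUserAppRoleAssignment -UserId <UserId>
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.Users
+```
+{{#endtab }}
+
 {{#tab name="Azure AD" }}
 
 ```bash
@@ -396,7 +453,34 @@ Get-AzRoleAssignment -ResourceGroupName <resource_group_name>
 ```
 
 {{#endtab }}
+{{#tab name="MS Graph" }}
+
+```powershell
+# Enumerate groups using Microsoft Graph PowerShell
+Get-MgGroup -All
+
+# Get group details
+Get-MgGroup -GroupId <GroupId> | Format-List *
+
+# Search "admin" groups
+Get-MgGroup -All | Where-Object { $_.DisplayName -like "*admin*" } | Select-Object DisplayName
 
+# Get members of a group
+Get-MgGroupMember -GroupId <GroupId> -All
+
+# Get groups a group is member of
+Get-MgGroupMemberOf -GroupId <GroupId>
+
+# Get roles assigned to the group in Entra ID
+Get-MgGroupAppRoleAssignment -GroupId <GroupId>
+
+# Get group owner
+Get-MgGroupOwner -GroupId <GroupId>
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.Groups
+```
+{{#endtab }}
 {{#tab name="Azure AD" }}
 
 ```bash
@@ -504,6 +588,31 @@ $RequestParams = @{
 (Invoke-RestMethod @RequestParams).value
 ```
 
+{{#endtab }}
+{{#tab name="MS Graph" }}
+
+```powershell
+# Get Service Principals using Microsoft Graph PowerShell
+Get-MgServicePrincipal -All
+
+# Get details of one Service Principal
+Get-MgServicePrincipal -ServicePrincipalId <ServicePrincipalId> | Format-List *
+
+# Search SP by display name
+Get-MgServicePrincipal -All | Where-Object { $_.DisplayName -like "*app*" } | Select-Object DisplayName
+
+# Get owner of Service Principal
+Get-MgServicePrincipalOwner -ServicePrincipalId <ServicePrincipalId>
+
+# Get objects owned by a Service Principal
+Get-MgServicePrincipalOwnedObject -ServicePrincipalId <ServicePrincipalId>
+
+# Get groups where the SP is a member
+Get-MgServicePrincipalMemberOf -ServicePrincipalId <ServicePrincipalId>
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.ServicePrincipals
+```
 {{#endtab }}
 
 {{#tab name="Azure AD" }}
@@ -691,6 +800,26 @@ Get-AzADAppCredential
 
 {{#endtab }}
 
+{{#tab name="MS Graph" }}
+
+```powershell
+# List Applications using Microsoft Graph PowerShell
+Get-MgApplication -All
+
+# Get application details
+Get-MgApplication -ApplicationId 7861f72f-ad49-4f8c-96a9-19e6950cffe1 | Format-List *
+
+# Search App by display name
+Get-MgApplication -Filter "startswith(displayName, 'app')" | Select-Object DisplayName
+
+# Get owner of an application
+Get-MgApplicationOwner -ApplicationId <ApplicationId>
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.Applications
+```
+{{#endtab }}
+
 {{#tab name="Azure AD" }}
 
 ```bash
@@ -770,11 +899,32 @@ az role assignment list --all --query "[].{principalName:principalName,principal
 # Get all the roles assigned to a user
 az role assignment list --assignee "<email>" --all --output table
 # Get all the roles assigned to a user by filtering
-az role assignment list --all --query "[?principalName=='carlos@carloshacktricks.onmicrosoft.com']" --output table
+az role assignment list --all --query "[?principalName=='admin@organizationadmin.onmicrosoft.com']" --output table
 ```
 
 {{#endtab }}
 
+{{#tab name="MS Graph" }}
+
+```powershell
+
+# List all available role templates using Microsoft Graph PowerShell
+Get-MgDirectoryRoleTemplate -All
+
+# List enabled built-in Entra ID roles
+Get-MgDirectoryRole -All
+
+# List all Entra ID roles with their permissions (including custom roles)
+Get-MgDirectoryRoleDefinition -All
+
+# List members of a Entra ID role
+Get-MgDirectoryRoleMember -DirectoryRoleId <RoleId> -All
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.Identity.DirectoryManagement
+```
+{{#endtab }}
+
 {{#tab name="Az" }}
 
 ```bash
@@ -894,6 +1044,25 @@ Get-AzureADMSScopedRoleMembership -Id <id> | fl *
 # If you know how to do this send a PR!
 ```
 
+{{#endtab }}
+{{#tab name="MS Graph" }}
+
+```powershell
+# Enumerate devices using Microsoft Graph PowerShell
+Get-MgDevice -All
+
+# Get device details
+Get-MgDevice -DeviceId <DeviceId> | Format-List *
+
+# Get devices managed using Intune
+Get-MgDevice -Filter "isCompliant eq true" -All
+
+# Get devices owned by a user
+Get-MgUserOwnedDevice -UserId [email protected]
+
+# List available commands in Microsoft Graph PowerShell
+Get-Command -Module Microsoft.Graph.Identity.DirectoryManagement
+```
 {{#endtab }}
 
 {{#tab name="Azure AD" }}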
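Review bot: The opening fence of the first MS Graph tab (new line 155) reads ` ```powershellGet-MgTenantRelationshipDelegatedAdminCustomer `, so the info string is no longer `powershell` and the stray cmdlet name is silently swallowed by the renderer; it should be just ` ```powershell `, with the cmdlet either dropped or given its own commented line. Several comments in the users and devices tabs do not describe the command under them: `# Search "admin" users` filters on `*test*`, `# All users from Entra ID` is actually a `startswith(userPrincipalName, 't')` filter, `# Get devices managed using Intune` filters `isCompliant eq true` (compliance, not management — `isManaged eq true` is closer), and `# Search attributes containing the word "password"` uses `-contains "password"`, which is an exact element match against `AdditionalProperties.PSObject.Properties.Name` (the dictionary object's own members, not its keys), so it will match nothing; something like `Get-MgUser -All -Property * | Where-Object { ($_ | ConvertTo-Json -Depth 3) -match "password" }` is what the comment promises. `Get-MgUserAppRoleAssignment` / `Get-MgGroupAppRoleAssignment` return app-role assignments on resource applications, not Entra directory roles, so the `# Get roles assigned to the user/group in Entra ID` comments at new lines 174, 318 and 474 are misleading; directory role membership comes from `Get-MgUserMemberOf -UserId <UserId> | Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.directoryRole' }` or `Get-MgRoleManagementDirectoryRoleAssignment -Filter "principalId eq '<Id>'"`. `Get-MgDirectoryRoleDefinition` at new line 918 does not look like a shipped cmdlet name — the unified RBAC definitions behind the `roleManagement/directory/roleDefinitions` endpoint referenced in the earlier hunk are read with `Get-MgRoleManagementDirectoryRoleDefinition`, worth confirming with `Get-Command`. The hard-coded application GUID at new line 810 and the `[email protected]` values at 304 and 1061 should be `<ApplicationId>` / `<UserPrincipalName>` placeholders like the rest of the new tabs.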
