  • Stars
    127
  • Rank 282,790 (Top 6 %)
  • Language
    Nim
  • License
    MIT License
  • Created almost 2 years ago
  • Updated about 1 year ago

Repository Details

AAD related enumeration in Nim

azbelt

Standalone DLL and Sliver extension for enumerating Azure-related credentials, primarily on AAD-joined machines

Modules

  • aadjoin - Gets info about machine AAD status via NetGetAadJoinInformation
  • credman - Gets credentials from Credential Manager
  • env - Looks for Azure/AAD specific environment variables that may contain secrets
  • managed - Calls IMDS endpoint to get info about machine with managed identity
  • msal - Looks in various MSAL caches for tokens. Tokens are parsed to display scope and validity
  • sso - If machine is AAD joined, get signed PRT cookie
  • tbres - Gets tokens from Token Broker cache
  • all - Runs all enumeration except SSO
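
For responders auditing a host, the useful output of the msal module description ("parsed to display scope and validity") is knowing what a cached token grants and whether it is still live. The following is an added example, not azbelt's code and written in Python rather than Nim. It assumes the token is a compact JWT carrying the usual Azure AD access-token claims (`aud`, `scp`, `roles`, `tid`, `nbf`, `exp`), and it does not verify the signature.

```python
import base64
import json
import time


def _b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def summarize_token(token, now=None):
    """Return audience, scopes and validity of a JWT WITHOUT verifying its signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated segments)")
    claims = _b64url_json(parts[1])
    now = time.time() if now is None else now
    exp = claims.get("exp")
    nbf = claims.get("nbf", 0)
    if exp is None:
        state = "unknown"
    elif now < nbf:
        state = "not-yet-valid"
    elif now >= exp:
        state = "expired"
    else:
        state = "valid"
    return {
        "audience": claims.get("aud"),
        "scopes": sorted(claims.get("scp", "").split()),  # delegated permissions
        "roles": sorted(claims.get("roles", [])),          # application permissions
        "tenant": claims.get("tid"),
        "state": state,
        "seconds_left": max(0, int(exp - now)) if exp is not None else None,
    }


def make_sample_token(claims):
    """Build a constructed, unsigned sample token for the demo (signature is a dummy)."""
    enc = lambda obj: base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "c2ln"])


if __name__ == "__main__":
    # Constructed sample claims; the tenant id is a placeholder.
    sample = make_sample_token({"aud": "https://graph.microsoft.com", "scp": "User.Read Mail.Read",
                                "tid": "00000000-0000-0000-0000-000000000000",
                                "nbf": 1700000000, "exp": 1700003600})
    print(summarize_token(sample, now=1700000600))
```

A token reported as `valid` with broad scopes is the one to revoke first; an `expired` one still tells you which resources were reachable from that host.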

Building from source

A devcontainer is provided for easy development and building. The devcontainer base definition is located here.

To build, simply:

nimble release

This will drop the DLLs into the project folder. If you want the exe for testing the DLL, you can also build the DLL runner:

nimble dllrun

You can do both at the same time:

nimble all

Special Thanks