# Cloud & Azure

[**MSOLSpray**](https://github.com/dafthack/MSOLSpray)**:** A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

[**PowerZure**](https://github.com/hausec/PowerZure)**:** PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources.

[**SharpCloud**](https://github.com/chrismaddalena/SharpCloud)**:** Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.

[**MicroBurst**](https://github.com/NetSPI/MicroBurst)**:** A collection of scripts for assessing Microsoft Azure security.

[**ROADtools**](https://github.com/dirkjanm/ROADtools)**:** The Azure AD exploration framework.

[**SkyArk**](https://github.com/cyberark/SkyArk)**:** SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS.

[**BlobHunter**](https://github.com/cyberark/blobhunter): Find exposed data in Azure with this public blob scanner.

![](/files/-Mci8Z3AznskWFHsNINt)

## **Prowler**

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

<figure><img src="/files/xaSdLJBU5LpJFJJvVVqI" alt=""><figcaption></figcaption></figure>

```
python3 -m venv venv
source venv\bin\activate
pip install prowler
```

Add the following roles on the Azure:

**ENTRA ID**

* Security Reader
* Global Reader

<figure><img src="/files/Chz67pJblf7rxOw6zOwv" alt=""><figcaption></figcaption></figure>

Azure Resources

* Domain Services Reader
* Reader

<figure><img src="/files/SvkjhfPZB0ImNLwrxfeY" alt=""><figcaption></figcaption></figure>

After that, run the prowler with the following command line:

```
prowler azure --browser-auth --tenant-id xxxxxxxxxxxx
```

See the results with:

```
prowler dashboard
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gitbook.seguranca-informatica.pt/tools/infrastructure-and-network/cloud-and-azure.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.