PowerZure, exploit framework targeting Azure, has been updated
PowerZure is a framework designed to perform reconnaissance and exploitation of the Azure cloud platform, Azure Active Directory, and associated resources.
The project [1] is maintained by Ryan Hausknecht, who recently released a new version (2.0) of the framework. The tool is now equipped with the following attack components and their functions:
- Operational functions with backdoor/payload creation and execution
- Information gathering on users, groups, applications, and resources
- Credential dumping of key vault secrets, applications, certificates, and automation accounts
- Data exfiltration of storage accounts, account keys, runbooks, storage containers, file shares, and virtual machine disk contents