Cloud Pen-testing Part-1
## Microsoft Azure & O365 CLI Tool Cheatsheet
### Az PowerShell Module
Import-Module Az
### Authentication
Connect to Azure with account credentials
```powershell
Connect-AzAccount
Alternatively, if MFA restrictions are in place
$credential = Get-Credential
Connect-AzAccount -Credential $credential
Import a context file
Import-AzContext -Profile 'C:\Temp\Live Tokens\StolenToken.json'
Export a context file
Save-AzContext -Path C:\Temp\AzureAccessToken.json
Account Information
List the current Azure contexts available
Get-AzContext -ListAvailable
Get context details
$context = Get-AzContext
$context.Name
$context.Account
List subscriptions
Get-AzSubscription
Choose a subscription
Select-AzSubscription -SubscriptionID "SubscriptionID"
Get the current user's role assignment
Get-AzRoleAssignment
List all resources and resource groups
Get-AzResource
Get-AzResourceGroup
List storage accounts
Get-AzStorageAccount
WebApps & SQL
List Azure web applications
Get-AzAdApplication
Get-AzWebApp
List SQL servers
Get-AzSQLServer
Individual databases can be listed with information retrieved from the previous command
Get-AzSqlDatabase -ServerName $ServerName -ResourceGroupName $ResourceGroupName
List SQL Firewall rules
Get-AzSqlServerFirewallRule –ServerName $ServerName -ResourceGroupName $ResourceGroupName
List SQL Server AD Admins
Get-AzSqlServerActiveDirectoryAdminstrator -ServerName $ServerName -ResourceGroupName $ResourceGroupName
Runbooks
List Azure Runbooks
Get-AzAutomationAccount
Get-AzAutomationRunbook -AutomationAccountName <AutomationAccountName> -ResourceGroupName <ResourceGroupName>
Export a runbook
Export-AzAutomationRunbook -AutomationAccountName $AccountName -ResourceGroupName $ResourceGroupName -Name $RunbookName -OutputFolder .\Desktop\