vectra-ai-research / Halberd

Halberd: Multi-Cloud Security Testing Tool to execute attacks across multiple surfaces via an intuitive web interface.
https://www.vectra.ai/blog/halberd-the-open-source-tool-democratizing-multi-cloud-security-testing
GNU General Public License v3.0

azure keyvault techniques #3

Closed agroyz closed 3 months ago

agroyz commented 5 months ago

There are two Key Vault techniques: one related to Credential Access and the other to the Privilege Escalation tactic. Both techniques pertain to Azure Key Vault and are covered under the sub-techniques of AZT604 in the Azure Threat Research Matrix.

Assign_keyvault_permissions: attempts to assign permissions for key vault; either RBAC or policy

Dump_keyvalut: attempts to dump secrets, certificates, keys: AZT604.1, AZT604.2, AZT604.3

One Storage Account technique: This technique is sub-technique AZT605.1 of Azure Threat Research Matrix technique AZT605 - Resource Secret Reveal

Share storage account container, share vm disk, and expose private storage account