Developed to assist penetration testers and auditors during the enumeration and reconnaissance activities within a Microsoft Azure environment, Azurite includes two helper scripts - the Azurite Explorer and the Azurite Visualizer. These scripts are used to collect, passively, verbose information of the main components within a deployment to be reviewed offline, and visualise the associations between resources.
Apostolis Mastoris, Security Consultant at MWR InfoSecurity explains, “Azure is Microsoft’s public cloud computing platform. It provides a range of cloud services offering organisations the ability to run some or all of their business applications in Azure, store data or even help with disaster recovery plans. The issue is ensuring everything remains protected as the organisation is still responsible to ensure its infrastructure is secure. Azurite has been designed to retrieve the configuration of Azure-hosted deployments passively, which can further assist penetration testers and auditors to determine that such hosted deployments do not expose additional risk.”
With its structured output, Azurite effortlessly illustrates the configuration of Azure-hosted deployments, and its JSON output can easily be parsed to extract the pertinent information. It efficiently collates details about Azure resources, which can be reviewed offline, eliminating the need to access Azure web management portals for each individual resource, thus increasing efficiency. Used by assessors and businesses, Azurite helps comprehend the topology of an Azure-hosted deployment by visualising the output, while at the same time interactively collecting information about the configuration of each resource in a deployment. Using Azurite, weak configurations within the Network Security Groups applied in Subnets and Virtual Machines can be identified allowing auditors and organisations to address and strengthen defences.
Development of Azurite is ongoing, and this first version provides support for mainstream Azure components, including:
To download Azurite visit: mwr.to/lath