Operational Usage

PowerZure is a PowerShell module. To begin using PowerZure, import the manifest file:

Import-Module C:\Location\to\Powerzure.psd1

There is zero reason to ever run PowerZure on a victim’s machine. Authentication is done by using an existing accesstoken.json file or by logging in via prompt when logging into Azure, meaning you can safely use PowerZure to interact with a victim’s cloud instance from your operating machine.

If the target environment is contraining Azure access to their network/VPN, then consider using a proxy.

You must sign-in to Azure before PowerZure functions are made available. To sign in, use the cmdlet

Connect-AzAccount

Once you are signed in to Azure, you can import PowerZure:

ipmo C:\Path\To\Powerzure.psd1

Upon importing, it will list your current role and available subscriptions. If you’re in a tenant with multiple subscriptions, you must set a default subscription with

Set-AzureSubscription

Once set, you can run

Get-AzureTarget

To get a list of AzureAD and Azure objects you have access to and exploit them accordingly.