nccgroup / azucar Goto Github PK
View Code? Open in Web Editor NEWSecurity auditing tool for Azure environments
License: GNU Affero General Public License v3.0
Security auditing tool for Azure environments
License: GNU Affero General Public License v3.0
Hoping to be able to run this on Powershell for Mac. Getting this error, is IE really required or can this be tweaked to support Mac?
Get-ItemProperty : Cannot find drive. A drive with the name 'HKLM' does not exist.
At ~/azucar/Azucar.ps1:274 char:69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
New-Object : Exception calling ".ctor" with "4" argument(s): "Version's parameters must be greater than or equal to zero.
Parameter name: build"
At ~/azucar/Azucar.ps1:275 char:18
$ieVersion = New-Object -TypeName System.Version -ArgumentList (
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Exception][Main][286]:Internet Explorer 11 or later required. Current IE version is '0.0'.
It seems that it fails to login when one is attempting to provide credentials with MFA.
The module doesn't request the code which generates the following code:
[Exception][Authorize-Tenant][407]:Exception calling "GetResult" with "0" argument(s): "Failed to acquire token silently as no token was found in the cache. Call method AcquireToken"
Hi,
I came up with the following error:
By Calling: .\azucar.ps1
Exception calling "LoadFrom" with "1" argument(s): "Could not load file or assembly 'file:///C:\azucar-master\Libs\Microsoft.IdentityModel.Clients.ActiveDirectory.WindowsForms.dll' or one of its dependencies. Operation is not supported.
It would be really really helpful if there was a Docker image (or Vagrant box) that we could build to run Azucar.
My colleagues and I mostly run Macs, and currently Azucar only supports windows.
For the asset "Azure Active Directory", I observed that when I run the command .\Azucar.ps1 -ExportTo CSV -Verbose -Instance AzureCloud -Analysis All
and open the CSV report with the name "DirectoryRoles", the number of members for each directory role provided by the last column titled "Members" shows incorrect number of members as one more than the actual number of members. This holds true only if the number of members of a directory role is non-zero.
I can not seem to get Storage accounts to have anything in the excel. We are not using classic storage accounts That does error.
DEBUG: [11:13:51:211] [Get-AzSecRMObject] - Get request for object type 'storageAccounts' succeeded.
DEBUG: [11:13:51:212] [Get-AzSecAADLinkedObject] - Get request for object type 'Azure Archive Storage Admins' succeeded.
WARNING: [11:13:51:215] [Get-AzStorageAccounts] - The 'Storage Accounts' query didn't return any data in 'Storage Accounts' tenant
I was able to get the CSV, JSON and XML reports. However, not the EXCEL report. How can we generate the report as shown in the sample report .
I used the -ExportTo CSV,JSON,XML,EXCEL
command to export into respective formats. However, EXCEL report format folder is always empty.
I am trying to run the tool in all my subscriptions. But, It is asking to choose specific subscription. Could you please help me, how can I run the tool on all subscriptions? Any plugins? Any suggestions?
First of all thanks for putting this code. I am trying for this kind of Audits on Azure resources. One questions is, how can I make use of this data. Lets, say in classic endpoints data audit, I need to call out Remote Desktop endpoint as non-compliant. Your code is almost pulling all the data but is not saying if the resource is compliant or not. How can I achieve this?
Hi, How can I select the specific Resource group or Subscription. It seems that audit run on entire tenant.
Thanks in advance.
Hi, I am having issue in Azure Network Security Rules section. Although I have configured my NSG but it's not properly showing up in report. SourceAddressPrefix is completely empty/blank whereas there are IPs in source address in Azure portal.
please help.
Is Excel required to generate the Excel formatted output? Office is something not typically installed into an Azure AD environment.
Is there an accepted process to run this from a workstation remotely that would have the necessary prerequisites installed?
Here are examples of the command switches used with no effect:
PS C:\azucar-master> .\Azucar.ps1 -ExportTo EXCEL,CSV,XML,JSON -Verbose -Instance AzureCloud -Analysis ALL
PS C:\azucar-master> .\Azucar.ps1 -ExportTo EXCEL -Verbose -Instance AzureCloud -Analysis ALL
PS C:\azucar-master> .\Azucar.ps1 -ExportTo EXCEL -Verbose -Analysis ALL
PS C:\azucar-master> .\Azucar.ps1 -ExportTo EXCEL -Verbose
Please find attached a image of the errors
We did collect data in the CSV Report, JSON Report, and XML Reports for Active directory and security. Is there any way to convert these source files into the Excel output running one of the other subordinate PS scripts within azucar?
Many Thanks in Advance for your time and effort!
-Bob
I was able to get the JSON and XML reports. However, not the EXCEL and CSV report. How can we generate the report as shown in the sample report .
I used the -ExportTo CSV,JSON,XML,EXCEL command to export into respective formats. However, EXCEL report format folder is always empty.
Currently there is an issue with the name of AzureUSGovernment instance which makes government cloud not working, please replace "Government" with "AzureUSGovernment" in the endpoints.ps1 since this will fix the issue. Thanks, awesome work!
I tried installed powershell on my MAC using this doc.
https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-powershell-core-on-macos?view=powershell-6
Getting this error when I try to run the Azucar.ps1
/git/azucar> ./Azucar.ps1
Get-ItemProperty : Cannot find drive. A drive with the name 'HKLM' does not exist.
At /Users/shivankarmadaan/git/azucar/Azucar.ps1:274 char:69
+ ... gumentList (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Internet Explo ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (HKLM:String) [Get-ItemProperty], DriveNotFoundException
+ FullyQualifiedErrorId : DriveNotFound,Microsoft.PowerShell.Commands.GetItemPropertyCommand
New-Object : Exception calling ".ctor" with "4" argument(s): "Version's parameters must be greater than or equal to zero.
Parameter name: build"
At /Users/shivankarmadaan/git/azucar/Azucar.ps1:275 char:18
+ $ieVersion = New-Object -TypeName System.Version -ArgumentList (
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [New-Object], MethodInvocationException
+ FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
[Exception][Main][286]:Internet Explorer 11 or later required. Current IE version is '0.0'.
Any idea where I'm wrong.
While running azucar script, only 50 VMs data getting pulled to CSV from Azure environments. Not so sure it is a problem with pagination or importing to CSV. Only first 50 getting enlisted in CSV and then to xlsx.
Authentication is successful, I got list of subscription to choose from, after I select couple of subscription, I got following error.
.\Azucar.ps1 -ExportTo CSV,JSON,XML,EXCEL -ForceAuth
https://management.azure.com/subscriptions?api-version=2016-06-01
Get-AzADALAuthenticationContext : Cannot process argument transformation on parameter 'TenantID'. Cannot convert value to type System.String.
At C:\Users\a507246\ADO_repo\azucar-master\core\api\auth\azureauth.ps1:500 char:104
~~~~~~~~~~~~~~~~~~~~~~
I'm trying to use Azucar to retrieve information about only Azure Active Directory. The account I'm using doesn't have access to any subscriptions.
My command and output:
PS C:\SomeDirectory> .\Azucar.ps1 -TenantID <redacted> -ForceAuth -ExportTo CSV,JSON,XML,EXCEL -Analysis ActiveDirectory
https://management.azure.com/subscriptions?api-version=2016-06-01
[Exception][Main][661]:Unable to retrieve resource groups....
I'm guessing the code doesn't account for the possibility of not having any subscriptions, even though I specify to only check Azure AD.
With .\Azucar.ps1 -ExportTo CSV, it is taking default credentials. How can I run this against another tenant?
Hi
I am receiving the following error when trying to generate output:
JSON Task: Generating JSON report for data retrieved from 'xxxX-XXXX-XXXX-XXX' [Exception][Generate-Json][84]:System.Management.Automation.ParameterBindingArgumentTransformationException: Cannot proc ess argument transformation on parameter 'DirectoryName'. Cannot convert value to type System.String. ---> System.Manage ment.Automation.ArgumentTransformationMetadataException: Cannot convert value to type System.String. ---> System.Managem ent.Automation.PSInvalidCastException: Cannot convert value to type System.String. en System.Management.Automation.ArgumentTypeConverterAttribute.Transform(EngineIntrinsics engineIntrinsics, Object in putData, Boolean bindingParameters, Boolean bindingScriptCmdlet) --- Fin del seguimiento de la pila de la excepción interna --- en System.Management.Automation.ArgumentTypeConverterAttribute.Transform(EngineIntrinsics engineIntrinsics, Object in putData, Boolean bindingParameters, Boolean bindingScriptCmdlet) en System.Management.Automation.ParameterBinderBase.BindParameter(CommandParameterInternal parameter, CompiledCommand Parameter parameterMetadata, ParameterBindingFlags flags) --- Fin del seguimiento de la pila de la excepción interna --- en System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exc eption) en lambda_method(Closure , Object[] , StrongBox
1[] , InterpretedFrame )
`
I get the following errors ... When I execute the script with -ExportTo CSV,JSON,XML,EXCEL
Generate-CSV : Cannot process argument transformation on parameter 'TenantID'. Cannot convert value to type
System.String.
At C:\Temp\azucar-master\Azucar.ps1:157 char:79
~~~~~~~~~
Generate-Json : Cannot process argument transformation on parameter 'TenantID'. Cannot convert value to type
System.String.
At C:\Temp\azucar-master\Azucar.ps1:161 char:80
~~~~~~~~~
Generate-XML : Cannot process argument transformation on parameter 'TenantID'. Cannot convert value to type
System.String.
At C:\Temp\azucar-master\Azucar.ps1:165 char:79
~~~~~~~~~
Generate-Excel : Cannot process argument transformation on parameter 'TenantID'. Cannot convert value to type
System.String.
At C:\Temp\azucar-master\Azucar.ps1:170 char:115
~~~~~~~~~
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.