Skip to content
/ raadef Public

An extensible Rust-based exploitation framework designed to audit/attack AzureAD environments.

License

Apache-2.0 license
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

aress31/raadef

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Rust AzureAD Exploitation Framework (RAADEF)

Language License

An extensible Rust-based exploitation framework designed to assist red teamers and security professionals in assessing AzureAD environments.

RAADEF aims at streamlining and simplifying the process of auditing/attacking AzureAD environments.

Rust was selected as programming language for RAADEF due to its great performance, tooling, and active community.

Currently, RAADEF is limited to this set of features. Having said that, ideally, this framework will grow and embed additional features and attack vectors thanks to the community contributions - special focus on the roadmap.

Features

  • Fine-tuning of attacks via the many CLI switches available: 🔍
    • Mechanisms to help preventing accounts lockout, e.g., --loop-number, --loop-delay, --loop-jitter.
    • Mechanisms to help evading Smart Lockout, e.g., --delay, jitter, --proxy.
  • Password brute forcing, i.e., iterate through usernames then passwords. 💪
  • Password spraying, i.e., iterate through passwords then usernames. 💦
  • Support for HTTP/2 for better performance. 🐇
  • Support for custom authentication endpoints -> works amazingly with FireProx. 🤩

Roadmap

  • Beautify the console/file output (e.g., progress bar, colors, silence reqwest).
  • Implement pause and resume options! 🤩
  • Implement support for additional authentication endpoints.
  • Implement support for cycling through resource principals.
  • Implement support for lockout detection -> lockout and force flags.
  • Implement support for requests delay.
  • Improve the logic around the endpoint HashMap/CLI parser, e.g., try to get away with using the pub enum Resource and fetch options direcly from the HashMap keys instead.
  • Restructure the code -> more modularity por favor! 🌯

Requirements

Installation

  1. Clone/download the repository:

    git clone https://github.com/aress31/raadef
cd raadef

  2. Compile/run raadef with:

    cargo build --release
.\target\release\raadef.exe
    cargo run --

Usage

.\target\release\raadef.exe --help

Sponsor 💓

If you want to support this project and appreciate the time invested in developping, maintening and extending it; consider donating toward my next (cup of coffee ☕/lamborghini 🚗) - as a lot of my personal time went into creating this project. 😪

It is easy, all you got to do is press the Sponsor button at the top of this page or alternatively click this link. 😁

Reporting Issues

Found a bug 🐛? I would love to squash it!

Please report all issues on the GitHub issues tracker.

Contributing

You would like to contribute to better this project? 🤩

Please submit all PRs on the GitHub pull requests tracker.

Acknowledgements

Give to Caesar what belongs to Caesar:

License

RAADEF is primarily distributed under the terms of the Apache License (Version 2.0).

See LICENSE for details.

About

An extensible Rust-based exploitation framework designed to audit/attack AzureAD environments.

Topics

microsoft rust devops azure secops cybersecurity azure-active-directory pentest red-team pentest-tool azuread password-spray password-bruteforce

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Languages