# Azure AD (Entra ID)

## Azure AD: Reconnaissance

### Get Tenant Name

```
https://login.microsoftonline.com/getuserrealm.srf/?login=admin@domain.it&xml=1
```

### Get Tenant ID

{% embed url="<https://github.com/Gerenios/AADInternals>" %}

```powershell
Install-Module AADInternals
```

```
Get-AADIntTenantID -Domain domain.it
```

### Get Tenant Domains

```powershell
Get-AADIntTenantDomains -Domain domain.it
```

### Enumerate emails

{% embed url="<https://github.com/y0k4i-1337/o365creeper-ng>" %}

### Azure services

{% embed url="<https://github.com/NetSPI/MicroBurst>" %}

```powershell
Import-Module .\MicroBurst.psm1
```

#### Enumerate Subdomains

(Misc folder)

```powershell
Invoke-EnumerateAzureSubDomains.ps1 -Base domain.com -Verbose
```

#### Public Azure Blobs

(Misc Folder)

```powershell
Invoke-EnumerateAzureBlobs.ps1 -Base domain.com -Verbose
```