impr

src/pentesting-cloud/azure-security/README.md

@@ -173,6 +173,9 @@ You should start finding out the **permissions you have** over the resources. Fo
 
 1. **Find the resource you have some acecss to**:
 
+> [!TIP]
+> This doesn't require any special permission.
+
 The Az PoswerShell command **`Get-AzResource`** lets you **know the resources your current user has visibility over**.
 
 Moreover, you can get the same info in the **web console** going to [https://portal.azure.com/#view/HubsExtension/BrowseAll](https://portal.azure.com/#view/HubsExtension/BrowseAll) or searching for "All resources" or executing: 
@@ -180,11 +183,26 @@ Moreover, you can get the same info in the **web console** going to [https://por
 az rest --method GET --url "https://management.azure.com/subscriptions/<subscription-id>/resources?api-version=2021-04-01"
 ```
 
-2. **Find the permissions you have over the resources you have access to and find the roles assigned to you**:
+2. **Find the permissions you have over the resources you can see**:
 
-Note that you need the permission **`Microsoft.Authorization/roleAssignments/read`** to execute this action.
+> [!TIP]
+> This doesn't require any special permission.
 
-Furthermore, with enough permissions, the role **`Get-AzRoleAssignment`** can be used to **enumerate all the roles** in the subscription or the permission over a specific resource indicatig it like in:
+Talking to the API **`https://management.azure.com/{resource_id}/providers/Microsoft.Authorization/permissions?api-version=2022-04-01`** you can get the permissions you have over the specified resource in the **`resource_id`**.
+
+Therefore, **checking each of the resources you have access to**, you can get the permissions you have over them.
+
+> [!WARNING]
+> You can automate this enumeration using the tool **[Find_My_Az_Management_Permissions](https://github.com/carlospolop/Find_My_Az_Management_Permissions)**.
+
+
+<details>
+<summary>Enumerate permissions with **`Microsoft.Authorization/roleAssignments/read`**</summary>
+
+> [!TIP]
+> Note that you need the permission **`Microsoft.Authorization/roleAssignments/read`** to execute this action.
+
+- With enough permissions, the role **`Get-AzRoleAssignment`** can be used to **enumerate all the roles** in the subscription or the permission over a specific resource indicatig it like in:
 ```bash
 Get-AzRoleAssignment -Scope /subscriptions/<subscription-id>/resourceGroups/Resource_Group_1/providers/Microsoft.RecoveryServices/vaults/vault-m3ww8ut4
 ```
@@ -200,7 +218,7 @@ like in:
 az rest --method GET --uri "https://management.azure.com//subscriptions/<subscription-id>/resourceGroups/Resource_Group_1/providers/Microsoft.KeyVault/vaults/vault-m3ww8ut4/providers/Microsoft.Authorization/roleAssignments?api-version=2022-04-01" | jq ".value"
 ```
 
-Another option is to get the roles attached to you in azure with:
+- Another option is to **get the roles attached to you in azure**. This also requires the permission **`Microsoft.Authorization/roleAssignments/read`**:
 
 ```bash
 az role assignment list --assignee "<email>" --all --output table
@@ -213,7 +231,7 @@ az rest --method GET --uri 'https://management.azure.com/subscriptions/<subscrip
 ```
 
 
-3. **Find the granular permissions of the roles attached to you**:
+- **Find the granular permissions of the roles attached to you**:
 
 Then, to get the granular permission you could run **`(Get-AzRoleDefinition -Id "<RoleDefinitionId>").Actions`**.
 
@@ -223,6 +241,7 @@ Or call the API directly with
 az rest --method GET --uri "https://management.azure.com//subscriptions/<subscription-id>/providers/Microsoft.Authorization/roleDefinitions/<RoleDefinitionId>?api-version=2022-04-01" | jq ".properties"
 ```
 
+</details>
 
 In the following section you can find **information about the most common Azure services and how to enumerate them**: