Hacking Tools

AzSubEnum – Azure Service Subdomain Enumeration

AzSubEnum is a specialized subdomain enumeration tool tailored for Azure services. This tool is designed to meticulously search and identify subdomains associated with various Azure services.

Through a combination of techniques and queries, AzSubEnum delves into the Azure domain structure, systematically probing and collecting subdomains related to a diverse range of Azure services.

How It Works?

AzSubEnum operates by leveraging DNS resolution techniques and systematic permutation methods to unveil subdomains associated with Azure services such as Azure App Services, Storage Accounts, Azure Databases (including MSSQL, Cosmos DB, and Redis), Key Vaults, CDN, Email, SharePoint, Azure Container Registry, and more. Its functionality extends to comprehensively scanning different Azure service domains to identify associated subdomains.

With this tool, users can conduct thorough subdomain enumeration within Azure environments, aiding security professionals, researchers, and administrators in gaining insights into the expansive landscape of Azure services and their corresponding subdomains.

Why I Create This?

During my learning journey on Azure AD exploitation, I discovered that the Azure subdomain tool, Invoke-EnumerateAzureSubDomains from NetSPI, was unable to run on my Debian PowerShell.

Consequently, I created a crude implementation of that tool in Python.

Usage

➜  AzSubEnum git:(main) ✗ python3 azsubenum.py --help
usage: azsubenum.py [-h] -b BASE [-v] [-t THREADS] [-p PERMUTATIONS]

Azure Subdomain Enumeration

options:
  -h, --help            show this help message and exit
  -b BASE, --base BASE  Base name to use
  -v, --verbose         Show verbose output
  -t THREADS, --threads THREADS
                        Number of threads for concurrent execution
  -p PERMUTATIONS, --permutations PERMUTATIONS
                        File containing permutations

Basic enumeration:

python3 azsubenum.py -b retailcorp --thread 10

Using permutation wordlists:

python3 azsubenum.py -b retailcorp --thread 10 --permutation permutations.txt

With verbose output:

python3 azsubenum.py -b retailcorp --thread 10 --permutation permutations.txt --verbose

Screenshot

Disclaimer

Any actions and or activities related to the material contained within this tool is solely your responsibility. The misuse of the information in this tool can result in criminal charges brought against the persons in question.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Leave a Comment
Share
Published by
Varshini
Tags: AzSubEnumcybersecurityinformationsecuritykalilinuxkalilinuxtools
1 year ago

Recent Posts

evilrdp : The Ultimate Tool For Elevated RDP Command Control

In the realm of remote desktop management, evilrdp stands out as a powerful tool designed…

3 hours ago

wa-tunnel – TCP Tunneling Through Whatsapp

wa-tunnel is an innovative tool designed to tunnel TCP data through two WhatsApp accounts, leveraging…

3 hours ago

Deepfake Apps : How They Function And Their Applications

Deepfake apps are sophisticated tools that utilize advanced AI algorithms, particularly Generative Adversarial Networks (GANs),…

3 hours ago

Subdominator – Unleash The Power Of Subdomain Enumeration

Subdominator is a lightweight and fast tool designed for passive subdomain enumeration, primarily used in…

3 hours ago

Doing The Due Diligence : Analyzing The Next.js Middleware Bypass (CVE-2025-29927)

A critical vulnerability, CVE-2025-29927, has recently been identified in the Next.js ecosystem, allowing attackers to…

4 hours ago

Awesome-Redteam : A Comprehensive Guide To Advanced Red Teaming Tools And Techniques

The Awesome-Redteam repository is a comprehensive collection of tools and resources designed for red teaming…

6 hours ago