m8r1us/azurehound-scoped.ps1

## azurehound-scoped.ps1
$workdir = "C:\AzureAssessment\azurehound" # Dir with azurehound.exe
$tenant = "" # Tenant ID
#$refreshtoken = "" # Uncomment if you have a valid refreshtoken

# Define the scopes for Azure AD
$azAdScopes = "apps", "app-owners", "app-role-assignments", "devices", "device-owners", "groups", "group-members", "group-owners", "roles", "role-assignments", "service-principals", "service-principal-owners", "tenants", "users"
$jwtazAd = "graph.microsoft.com access token"

# Define the scopes for Azure Resource Manager
$azRmScopes = "automation-accounts", "automation-account-role-assignments", "container-registries", "container-registry-role-assignments", "function-apps", "function-app-role-assignments", "key-vaults", "key-vault-access-policies", "key-vault-contributors", "key-vault-kvcontributors", "key-vault-owners", "key-vault-role-assignments", "key-vault-user-access-admins", "logic-apps", "logic-app-role-assignments", "managed-clusters", "managed-cluster-role-assignments", "management-groups", "management-group-descendants", "management-group-owners", "management-group-role-assignments", "management-group-user-access-admins", "resource-groups", "resource-group-owners", "resource-group-role-assignments", "resource-group-user-access-admins", "storage-accounts", "storage-account-role-assignments", "storage-containers", "subscriptions", "subscription-owners", "subscription-role-assignments", "subscription-user-access-admins", "virtual-machines", "virtual-machine-admin-logins", "virtual-machine-avere-contributors", "virtual-machine-contributors", "virtual-machine-owners", "virtual-machine-role-assignments", "virtual-machine-user-access-admins", "virtual-machine-vmcontributors", "vm-scale-sets", "vm-scale-set-role-assignments", "web-apps", "web-app-role-assignments"
$jwtazRm = "management.azure.com access token"

set-location $workdir
$ErrorActionPreference = "SilentlyContinue" # Workaround for non-existent %userprofile%\.config\azurehound\config.json :D
foreach ($azAdScope in $azAdScopes)
{
	$date = Get-Date
	if($refreshtoken)
	{
		& ".\azurehound.exe" list $($azAdScope) -o azurehound_$($azAdScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -r $($refreshtoken)
	}
	else
	{
		& ".\azurehound.exe" list $($azAdScope) -o azurehound_$($azAdScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -j $($jwtazAd)
	}
}
foreach ($azRmScope in $azRmScopes)
{
	$date = Get-Date
	if($refreshtoken)
	{
		& ".\azurehound.exe" list $($azRmScope) -o azurehound_$($azRmScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -r $($refreshtoken)
	}
	else
	{
		& ".\azurehound.exe" list $($azRmScope) -o azurehound_$($azRmScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -j $($jwtazRm)
	}
}
	$workdir = "C:\AzureAssessment\azurehound" # Dir with azurehound.exe
	$tenant = "" # Tenant ID
	#$refreshtoken = "" # Uncomment if you have a valid refreshtoken

	# Define the scopes for Azure AD
	$azAdScopes = "apps", "app-owners", "app-role-assignments", "devices", "device-owners", "groups", "group-members", "group-owners", "roles", "role-assignments", "service-principals", "service-principal-owners", "tenants", "users"
	$jwtazAd = "graph.microsoft.com access token"

	# Define the scopes for Azure Resource Manager
	$azRmScopes = "automation-accounts", "automation-account-role-assignments", "container-registries", "container-registry-role-assignments", "function-apps", "function-app-role-assignments", "key-vaults", "key-vault-access-policies", "key-vault-contributors", "key-vault-kvcontributors", "key-vault-owners", "key-vault-role-assignments", "key-vault-user-access-admins", "logic-apps", "logic-app-role-assignments", "managed-clusters", "managed-cluster-role-assignments", "management-groups", "management-group-descendants", "management-group-owners", "management-group-role-assignments", "management-group-user-access-admins", "resource-groups", "resource-group-owners", "resource-group-role-assignments", "resource-group-user-access-admins", "storage-accounts", "storage-account-role-assignments", "storage-containers", "subscriptions", "subscription-owners", "subscription-role-assignments", "subscription-user-access-admins", "virtual-machines", "virtual-machine-admin-logins", "virtual-machine-avere-contributors", "virtual-machine-contributors", "virtual-machine-owners", "virtual-machine-role-assignments", "virtual-machine-user-access-admins", "virtual-machine-vmcontributors", "vm-scale-sets", "vm-scale-set-role-assignments", "web-apps", "web-app-role-assignments"
	$jwtazRm = "management.azure.com access token"

	set-location $workdir
	$ErrorActionPreference = "SilentlyContinue" # Workaround for non-existent %userprofile%\.config\azurehound\config.json :D
	foreach ($azAdScope in $azAdScopes)
	{
	$date = Get-Date
	if($refreshtoken)
	{
	& ".\azurehound.exe" list $($azAdScope) -o azurehound_$($azAdScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -r $($refreshtoken)
	}
	else
	{
	& ".\azurehound.exe" list $($azAdScope) -o azurehound_$($azAdScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -j $($jwtazAd)
	}
	}
	foreach ($azRmScope in $azRmScopes)
	{
	$date = Get-Date
	if($refreshtoken)
	{
	& ".\azurehound.exe" list $($azRmScope) -o azurehound_$($azRmScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -r $($refreshtoken)
	}
	else
	{
	& ".\azurehound.exe" list $($azRmScope) -o azurehound_$($azRmScope)-$($date.ToString("yyyyMMddHHmm")).json --tenant $tenant -j $($jwtazRm)
	}
	}