{"id":23868081,"url":"https://github.com/rodnt/quickaz","last_synced_at":"2025-07-06T23:33:25.798Z","repository":{"id":231948160,"uuid":"675883293","full_name":"rodnt/quickaz","owner":"rodnt","description":"Quickly enumerate the attack surfaces on Azure","archived":false,"fork":false,"pushed_at":"2024-04-09T18:48:33.000Z","size":385,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-03T11:17:32.371Z","etag":null,"topics":["azure","pentest","recon","redteam"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rodnt.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-08-08T00:42:39.000Z","updated_at":"2024-04-06T23:52:11.000Z","dependencies_parsed_at":"2024-04-09T19:53:20.767Z","dependency_job_id":null,"html_url":"https://github.com/rodnt/quickaz","commit_stats":null,"previous_names":["rodnt/quickaz"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fquickaz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fquickaz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fquickaz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rodnt%2Fquickaz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rodnt","download_url":"https://codeload.github.com/rodnt/quickaz/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240206997,"owners_count":19765041,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["azure","pentest","recon","redteam"],"created_at":"2025-01-03T11:17:33.686Z","updated_at":"2025-02-22T17:12:18.634Z","avatar_url":"https://github.com/rodnt.png","language":"Python","readme":"\n# **QuickAZ** \n\n\u003e QuickAZ, find (Maybe) attacks surfaces (Azure) 🚩🐍\n\n![](static/Hello.jpeg)\n\n```console\nUsage: quickaz.py [OPTIONS] HOSTNAME\n\n╭─ Arguments ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮\n│ *    hostname      TEXT  [default: None] [required]                                                                                                                                                                                      │\n╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯\n╭─ Options ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮\n│ --permutation-wordlist-path                           TEXT  Wordlist with common names to permute while brute force blobs and others services [default: wordlists/permutation.txt]                                                       │\n│ --brute-blob                   --no-brute-blob              Enable brute force blobs [default: no-brute-blob]                                                                                                                            │\n│ --brute-dev-blob               --no-brute-dev-blob          Enable brute force dev.azure.com/[org-id] [default: no-brute-dev-blob]                                                                                                       │\n│ --paths-wordlist-path                                 TEXT  Wordlist with common paths to discover open containers [default: wordlists/paths.txt]                                                                                        │\n│ --regions-wordlist-path                               TEXT  Wordlist with common regions to discover cloudpass [default: wordlists/regions.txt]                                                                                          │\n│ --verbose                      --no-verbose                 [default: no-verbose]                                                                                                                                                        │\n│ --emails                                              TEXT  Wordlist with emails to enumerate [default: None]                                                                                                                            │\n│ --output                                              TEXT  Output folder [default: output]                                                                                                                                              │\n│ --enum-mails                   --no-enum-mails              Enable enumerate emails from wordlist provided or from email generator [default: no-enum-mails]                                                                              │\n│ --gen-emails                                          TEXT  Email pattern to generate emails based on schemas: foo.bar@example.com or fbar@example.com                                                                                   │\n│ --first-names                                         TEXT  Wordlist with firstnames to generate with gen_emails flag [default: wordlists/names/brazil_firstnames.txt]                                                                   │\n│ --last-names                                          TEXT  Wordlist with surname to generate with gen_emails flag [default: wordlists/names/brazil_secondname.txt]                                                                      │\n│ --threads                                             TEXT  Threads while enumerate emails \u003e 2 maybe you get false positives [default: 2]                                                                                                │\n│ --enumall                      --no-enumall                 Enumerate web,queue,files and others [default: no-enumall]                                                                                                                   │\n│ --proxy                                               TEXT  Proxy to use                                                                                                                                                                 │\n│ --socks-proxy                                         TEXT  Socks proxy to use                                                                                                                                                           │\n│ --tor                          --no-tor                     Use tor proxy [default: no-tor]                                                                                                                                              │\n│ --install-completion                                        Install completion for the current shell.                                                                                                                                    │\n│ --show-completion                                           Show completion for the current shell, to copy it or customize the installation.                                                                                             │\n│ --help                                                      Show this message and exit.                                                                                                                                                  │\n╰──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯\n```\n\n##### TODO List :)\n\n[https://github.com/rodnt/quickaz/blob/main/TODO.md](https://github.com/rodnt/quickaz/blob/main/TODO.md)\n\n#### Features\n- [x] Enumerate tenant\n- [x] Enumerate users from a given hostname\n- [x] Realm finder\n- [x] Proxy Support\n- [x] OpenID\n- [x] Container finder\n- [x] Storage finder\n- [x] Find Tenant names\n- [x] Find dev.azure.com/ORG names\n- [x] Find OneDrive Urls \n- [x] Finding open queue,dfs,files,web\n- [x] Enumerate mail users o365\n  - [x] Given wordlist\n  - [x] Schema generator\n\n##### Usage\n\n-  Brute force blobs\n     - `python3 quickaz.py example.com --brute-blob`\n- Enumerate emails at office 365 with list of know emails\n  - `python3 quickaz.py example.com --enum-mails --emails \u003cmails.txt\u003e --output example`\n- Brute Force all services\n  - `python3 quickaz.py example --enumall --brute-blob --output example`\n- Usage with proxy\n  - `python3 quickaz.py example.com --enumall --output example --proxy 127.0.0.1:808`\n- Help menu\n  - `python3 quickaz.py --help`\n\n##### Install\n\n```bash\n\npython3 -m pip install -r requirements.txt --user\n```\n\n##### Useful google dorks\n```\n\nGitHub:\n  \"#EXT#\" AND onmicrosoft.com AND \u003ctarget\u003e lang:Shell OR lang:PowerShell \n  \"https://\" AND \"blob.core.windows.net/newcontainer\" AND sig\n```\n\n```console\n\u003ccompany-name\u003e.blob.core.windows.net\n\u003ccompany-name\u003ecloud.blob.core.windows.net\n\u003ccompany-name\u003eimages.blob.core.windows.net\n\u003ccompany-name\u003ebackup.blob.core.windows.net\n\u003ccompany-name\u003ebackups.blob.core.windows.net\n\u003ccompany-name\u003estorage.blob.core.windows.net\n\u003ccompany-name\u003ecdn.blob.core.windows.net\n\u003ccompany-name\u003eassets.blob.core.windows.net\n\u003ccompany-name\u003efiles.blob.core.windows.net\n\u003ccompany-name\u003eresources.blob.core.windows.net\n\u003ccompany-name\u003edocuments.blob.core.windows.net\n\u003ccompany-name\u003edevelopment.blob.core.windows.net\n\u003ccompany-name\u003eproduction.blob.core.windows.net\n\u003ccompany-name\u003eqa.blob.core.windows.net\n\u003ccompany-name\u003eprod.blob.core.windows.net\n\u003ccompany-name\u003edev.blob.core.windows.net\n\u003ccompany-name\u003estage.blob.core.windows.net\n\u003ccompany-name\u003estaging.blob.core.windows.net\n\u003ccompany-name\u003eweb.blob.core.windows.net\n\u003ccompany-name\u003ewebsite.blob.core.windows.net\n\u003ccompany-name\u003etest.blob.core.windows.net\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frodnt%2Fquickaz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frodnt%2Fquickaz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frodnt%2Fquickaz/lists"}