From cd4b4b03f830516c9210659b25617cba8565871c Mon Sep 17 00:00:00 2001 From: Christophe Tafani-Dereeper Date: Mon, 7 Aug 2023 12:58:59 +0200 Subject: [PATCH] Add instructions to use the JWT from the az cli --- docs/data-collection/azurehound.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/data-collection/azurehound.rst b/docs/data-collection/azurehound.rst index 6d3428655..eae4d5293 100644 --- a/docs/data-collection/azurehound.rst +++ b/docs/data-collection/azurehound.rst @@ -41,7 +41,13 @@ need to supply a username or password when supplying a JWT: :: ./azurehound -j "ey..." list users --tenant "contoso.onmicrosoft.com" - + +If you're currently authenticated through the Azure CLI, you can use: + +:: + + ./azurehound -j "$(az account get-access-token --resource=https://graph.microsoft.com/ | jq -r .accessToken)" list users --tenant "contoso.onmicrosoft.com" + When collecting data for import into BloodHound, you must use the -o switch to instruct AzureHound to output to a file. For example, to list all available data in both AzureAD and AzureRM, you can do this: