does AzureHound get all data required ?

[commandline-be]

hey,

Thanks for this interesting project BloodHand and the SharpHound and AzureHound collectors. Not entirely sure to log this for BloodHound or for AzureHound. These tools are new to me.

Using version 4.0.3 for BloodHound and AzureHound Beta

The data collected by AzureHound appears limited by the Azure AD configuration for the domain user. I could not find any such restriction documented so i'd rather ask here.

In Bloodhound, none of the queries return data, selecting a user and selecting "shortest path to here' does return data.

I notice there is just one ADGroup visible 'all users' which i don't consider as expected either.

I'd appreciate your feedback on this topic

[kpomeroy1979]

I think you have to use custom queries for AzureHound. Try this link for some

https://hausec.com/2020/11/23/azurehound-cypher-cheatsheet/#comments

Return All Azure Users that are part of the ‘Global Administrator’ Role

MATCH p =(n)-[r:AZGlobalAdmin*1..]->(m) RETURN p