ROADTools

ROADTools is a tool for enumerating Entra ID environments. It uses a different version of the API (AADGraph 1.61-internal) that provides more information. Enumeration using RoadRecon includes three steps:

  • Authentication

  • Data Gathering

  • Data Exploration

Authenticate

We can activate a Python virtual environment to use ROADTools:

PS C:\Windows\system32> cd C:\AzAD\Tools\ROADTools\
PS C:\AzAD\Tools\ROADTools> .\venv\Scripts\activate
(venv) PS C:\AzAD\Tools\ROADTools> .\roadrecon\^C
(venv) PS C:\AzAD\Tools\ROADTools> roadrecon auth -u test@pp.onmicrosoft.com -p Password123!
Tokens were written to .roadtools_auth

Once authentication is done, we can gather data.

Gather data

roadrecon gather

This takes a while, depending on how big the environment is.

Visualize data

We can use roadrecon to analyze the gathered information through a GUI.

roadrecon gui

Get conditional access policies

roadrecon plugin policies

This will write all conditional access information to an .html file.
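
Seen from the monitoring side, the workflow above starts with a token request for the legacy AAD Graph API, so sign-in logs are a natural place to look for it. The following is an added example, not part of ROADTools or of the original page: it filters sign-in records for the AAD Graph resource requested by clients that are not on an allow-list. It assumes a JSON-lines export that uses the Entra sign-in field names createdDateTime, userPrincipalName, appId, resourceId and ipAddress; the allow-listed app ID and all sample records are constructed.

```python
import json
from collections import defaultdict

# Well-known resource ID of the legacy Azure AD Graph API (graph.windows.net).
AAD_GRAPH_RESOURCE_ID = "00000002-0000-0000-c000-000000000000"
# Hypothetical allow-list: app IDs this tenant expects to call AAD Graph.
EXPECTED_APP_IDS = {"11111111-1111-1111-1111-111111111111"}

# Constructed sample sign-in records (one JSON object per line), not real log data.
SAMPLE_LOG = """\
{"createdDateTime":"2024-05-01T09:00:12Z","userPrincipalName":"alice@example.test","appId":"11111111-1111-1111-1111-111111111111","resourceId":"00000002-0000-0000-c000-000000000000","ipAddress":"198.51.100.10"}
{"createdDateTime":"2024-05-01T09:03:40Z","userPrincipalName":"bob@example.test","appId":"22222222-2222-2222-2222-222222222222","resourceId":"00000002-0000-0000-c000-000000000000","ipAddress":"203.0.113.7"}
{"createdDateTime":"2024-05-01T09:04:02Z","userPrincipalName":"bob@example.test","appId":"22222222-2222-2222-2222-222222222222","resourceId":"00000003-0000-0000-c000-000000000000","ipAddress":"203.0.113.7"}
not-json line
{"createdDateTime":"2024-05-01T09:10:55Z","userPrincipalName":"bob@example.test","appId":"22222222-2222-2222-2222-222222222222","resourceId":"00000002-0000-0000-C000-000000000000","ipAddress":"203.0.113.7"}
"""

def find_aad_graph_signins(lines, expected=EXPECTED_APP_IDS):
    """Return {user: [records]} for AAD Graph sign-ins from apps not in `expected`."""
    hits = defaultdict(list)
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the whole run
        if not isinstance(rec, dict):
            continue
        # GUIDs can appear in either case, so compare case-insensitively.
        if str(rec.get("resourceId", "")).lower() != AAD_GRAPH_RESOURCE_ID:
            continue
        if str(rec.get("appId", "")).lower() in expected:
            continue
        hits[rec.get("userPrincipalName") or "<unknown>"].append(rec)
    return dict(hits)

if __name__ == "__main__":
    for user, recs in find_aad_graph_signins(SAMPLE_LOG.splitlines()).items():
        print(user, len(recs), sorted({r.get("ipAddress") for r in recs}))
```

A hit only shows that an unexpected client requested a token for AAD Graph; it is a triage lead, not proof of a specific tool.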
