Azure Cloud Configuration Review Using ScoutSuite Tool

User can install ScoutSuite tool using Git.
Commands are mentioned below.

Via Git

$ git clone https://github.com/nccgroup/ScoutSuite
$ cd ScoutSuite
$ virtualenv -p python3 venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ python scout.py — help

For Azure cloud scan : once ScouteSuite is installed, we need to install azure-cli to connect ScoutSuite to respective Azure cloud account.

$ pip install azure-cli

After azure-cli installation, configure azure account using below command, this command will open browser and ask user to login to respective cloud account to be scanned.

$ az login

After login to azure account, run the scan using below command

$ python scout.py azure — cli (use this command when only one subscription ID is assigned to your azure account)

or

python scout.py azure — cli — subscriptions “subcriptionID” (use this command when multiple subscription IDs are assigned to your azure account)

Once after scan completion, automatically .html report will open up in browser, report looks as shown below.

!! Happy Learning !!