AZGetSecrets

This article applies to BHCE and BHE

The ability to read secrets from key vaults.

Abuse Info

Use PowerShell or PowerZure to fetch the certificate from the key vault.

Via PowerZure:

  • Get-AzureKeyVaultContent
  • Export-AzureKeyVaultcontent

Opsec Considerations

Azure will create a new log event for the key vault whenever a secret is accessed.

Updated