ROADtools is a comprehensive framework designed for interacting with Azure AD environments. It provides a suite of tools suitable for both offensive and defensive security operations. The framework includes:
- ROADlib: A Python library offering common components for Azure AD authentication and data interaction. It features an automatically generated database model based on Azure AD internal API metadata.
- ROADrecon: An Azure AD exploration tool that leverages asynchronous HTTP calls to gather information and store it in an SQLAlchemy-backed database. It includes a GUI built with Angular for analysis and querying.
- ROADtx (ROADtools Token eXchange): A tool for exchanging and utilizing various Azure AD tokens, supporting multiple authentication flows, device registration, and PRT-related tasks.
Key features include:
- Automated metadata model generation.
- Asynchronous data collection.
- Offline database querying.
- Support for various Azure AD authentication flows.
ROADtools is primarily targeted towards:
- Red teamers for offensive security assessments.
- Blue teamers for defensive security monitoring and analysis.
- Security professionals involved in Azure AD environments.
