-u
or --username
- The user principal name of the AzureAD user you wish to authenticate as. UPN format is “username@domain.com”-p
or --password
- The clear-text password of the AzureAD user.-a
or --app
- The Application ID that the Azure app registration portal assigned when the app was registered.-s
or --secret
- The Application Secret generated for the app in the app registration portal.-j
or --jwt
- An MS Graph or AzureRM scoped JWT. These JWTs last a maximum of 90 minutes, so you may need to get a new JWT to enumerate data with AzureHound later.-r
or --refresh-token
- A refresh token. AzureHound will automatically exchange this for an appropriately scoped JWT when accessing the MS Graph and AzureRM APIs.-t
or --tenant
- The directory tenant you want to request permission from. This can be in GUID or friendly name format.-b
- Filter by one or more subscription IDs. AzureHound will automatically dedupe this list for you.-m
- Filter by one or more management group IDs. AzureHound will automatically dedupe all descendant management groups and subscriptions for you.-o
or --output
- Instructs AzureHound to write its output to a specified file name.--log-file
- Output logs to this file-v
or --verbosity
- AzureHound verbosity level (defaults to 0), a higher value gives more verbosity [Min: -1, Max: 2]