An Entra principal has been granted the Azure Resource Manager role called “Owner” over an Azure Resource Manager asset.
AZOwner targets resources in Azure Resource Manager (for example AZResourceGroup, AZSubscription, and AZVM) through a role assignment called “Owner”.
The AZOwner and AZOwns edges are distinct: each applies to its own identity and access management platform (AzureRM and Entra ID respectively), with distinct mechanics, abuse primitives, and remediation steps.
An Owner can do everything a Contributor can do, plus assign rights to resources. Object ownership means almost all abuses are possible against the target object.
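For auditing, the following added example (not BloodHound's own code) lists Owner role assignments from records shaped like the JSON that `az role assignment list --all --output json` returns and classifies each scope as one of the node kinds named above. The built-in role GUIDs and the field names come from Azure rather than from this page, and the sample records are constructed.

```python
import re

# Built-in role definition GUIDs, identical in every Azure tenant.
OWNER_ROLE_GUID = "8e3af657-a8ff-443c-a75c-2fe8c4bcb635"
CONTRIBUTOR_ROLE_GUID = "b24988ac-6180-42a0-ab88-20f7382dd24c"

# ARM scope shapes mapped to the node kinds named above; anything else is "Other".
SCOPE_KINDS = [
    (re.compile(r"^/subscriptions/[^/]+$", re.I), "AZSubscription"),
    (re.compile(r"^/subscriptions/[^/]+/resourceGroups/[^/]+$", re.I), "AZResourceGroup"),
    (re.compile(r"^/subscriptions/[^/]+/resourceGroups/[^/]+/providers/"
                r"Microsoft\.Compute/virtualMachines/[^/]+$", re.I), "AZVM"),
]

def scope_kind(scope):
    """Classify an ARM scope string by the kind of asset it points at."""
    scope = scope.rstrip("/")
    for pattern, kind in SCOPE_KINDS:
        if pattern.match(scope):
            return kind
    return "Other"

def owner_assignments(assignments):
    """Return (principalId, principalType, kind, scope) per Owner assignment."""
    found = []
    for a in assignments:
        # Compare the role definition GUID rather than the display name.
        guid = a.get("roleDefinitionId", "").rstrip("/").rsplit("/", 1)[-1].lower()
        if guid == OWNER_ROLE_GUID:
            found.append((a["principalId"], a.get("principalType", "Unknown"),
                          scope_kind(a["scope"]), a["scope"]))
    return sorted(found, key=lambda row: (row[2], row[3]))

# Constructed sample data (not real tenant output).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
ROLE = SUB + "/providers/Microsoft.Authorization/roleDefinitions/"
RG = SUB + "/resourceGroups/rg-app"
VM = RG + "/providers/Microsoft.Compute/virtualMachines/vm01"
SAMPLE = [
    {"principalId": "user-1", "principalType": "User", "roleDefinitionId": ROLE + OWNER_ROLE_GUID, "scope": SUB},
    {"principalId": "sp-1", "principalType": "ServicePrincipal", "roleDefinitionId": ROLE + OWNER_ROLE_GUID, "scope": VM},
    {"principalId": "group-1", "principalType": "Group", "roleDefinitionId": ROLE + CONTRIBUTOR_ROLE_GUID, "scope": RG},
    {"principalId": "user-2", "principalType": "User", "roleDefinitionId": ROLE + OWNER_ROLE_GUID, "scope": RG},
]

if __name__ == "__main__":
    for principal, ptype, kind, scope in owner_assignments(SAMPLE):
        print(f"{ptype} {principal} is Owner of {kind}: {scope}")
```

Role assignments are inherited by child scopes, so an Owner assignment reported on a subscription also applies to the resource groups and VMs beneath it.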