# MAAD-AF Bonus Module: Credential Store

Advanced MAAD-AF users may find utility with the ability to store multiple 
credentials within the tool in order to use them repeatedly during security 
testing procedures.

## Module Overview

In order to store credentials within MAAD-AF, a configuration file must be
manually modified by the user.

1. Open `Library\MAAD_Config.ps1` from within the main MAAD-AF folder with a
   text editor of your choice.

2. Find the line which looks like: `$global:CredentialsList = @()`.

3. Modify the variable to include your credentials, similar to the below:

   ```powershell
   $global:CredentialsList = @(
      @{"username" = "bob@example.com"; "password" = "hotdog123!"; "token" = "abc123"},
      @{"username" = "alice@example.com"; "password" = "hotdog789!"; "token" = ""}
   )
   ```

   ![MAAD Credential Store Config](images/maad_credential_store_config.png)

   Add as many credentials as necessary for your testing.

## Notes on credential storage

- For each stored credential, a username and password value are required.
- A token value is optional and can be ignored; however, if a token is
  specified, MAAD-AF will default to using token auth over basic auth.
- **MAAD-AF supports MFA.** If an operator attempts to use credentials for an
  MFA-enabled Azure AD account, the operator will receive a prompt for an MFA
  token, and will attempt to re-use it across subsequent connections in order
  to minimize the number of times it will beed to be re-entered.