MAAD-AF Bonus Module: Credential Store

Advanced MAAD-AF users may find utility with the ability to store multiple credentials within the tool in order to use them repeatedly during security testing procedures.

Module Overview

In order to store credentials within MAAD-AF, a configuration file must be manually modified by the user.

  1. Open Library\MAAD_Config.ps1 from within the main MAAD-AF folder with a text editor of your choice.

  2. Find the line which looks like: $global:CredentialsList = @().

  3. Modify the variable to include your credentials, similar to the below:

    $global:CredentialsList = @(
   @{"username" = "bob@example.com"; "password" = "hotdog123!"; "token" = "abc123"},
   @{"username" = "alice@example.com"; "password" = "hotdog789!"; "token" = ""}
)

    MAAD Credential Store Config

    Add as many credentials as necessary for your testing.

Notes on credential storage

  • For each stored credential, a username and password value are required.

  • A token value is optional and can be ignored; however, if a token is specified, MAAD-AF will default to using token auth over basic auth.

  • MAAD-AF supports MFA. If an operator attempts to use credentials for an MFA-enabled Azure AD account, the operator will receive a prompt for an MFA token, and will attempt to re-use it across subsequent connections in order to minimize the number of times it will beed to be re-entered.