Feature/caching recon functions#85
Merged
Merged
Conversation
…ameters to control cache behavior
…tection in token management
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request delivers a feature release (v1.2.6) for the BlackCat module, focusing on robust Az context change detection and significant enhancements to reconnaissance functions through consistent, configurable result caching. The update ensures that token/session state is properly refreshed when the Az account or context changes, and that repeated scans across reconnaissance commands are much faster and more efficient due to shared, parameterized caching logic.
Az Context Change Detection and Session Management:
Invoke-BlackCatnow detects changes in the active Az account/context (e.g., afterLogin-AzAccount,Connect-AzAccount, orSwitch-AzContext) and automatically invalidates cached tokens and session headers, preventing stale authentication. The last account ID is tracked in session variables for cross-call comparison. [1] [2] [3]Connect-ServicePrincipalexplicitly clears any prior session state fromConnect-GraphTokento avoid stale token usage after switching authentication modes.Reconnaissance Function Caching Enhancements:
Find-AzurePublicResource,Find-PublicStorageContainer,Find-SubDomain, and related functions now support consistent caching parameters:SkipCache,CacheExpirationMinutes,MaxCacheSize, andCompressCache. These allow users to control cache usage, expiration, size, and compression for repeated scans, reducing redundant DNS lookups and improving performance. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]Other Improvements:
Tableoutput forFind-AzurePublicResource). [1] [2]EndpointTypeforInvoke-FederatedTokenExchangeis nowMSGraphinstead ofAzure.Most important changes:
Az Context and Session Handling:
Invoke-BlackCatandGet-AccessTokennow track the active Az account and invalidate cached tokens/session headers when the Az context changes, preventing use of stale authentication after context switches. [1] [2] [3]Connect-ServicePrincipalclears Graph token session state when switching authentication modes, ensuring proper token refresh.Reconnaissance Caching Enhancements:
Find-AzurePublicResource,Find-PublicStorageContainer, andFind-SubDomainnow support user-configurable caching with parameters for skipping cache, expiration, maximum size, and compression, and cache per-parameter results for efficient repeated scans. [1] [2] [3] [4] [5] [6] [7] [8]User Experience and Output:
Tableoutput format inFind-AzurePublicResourcefor improved result readability. [1] [2]Other:
EndpointTypeinInvoke-FederatedTokenExchangetoMSGraph.1.2.6and updatedCHANGELOG.mdwith detailed release notes. [1] [2]