Skip to content

Feature/caching recon functions#85

Merged
azurekid merged 3 commits into
mainfrom
feature/caching-recon-functions
Mar 14, 2026
Merged

Feature/caching recon functions#85
azurekid merged 3 commits into
mainfrom
feature/caching-recon-functions

Conversation

@azurekid

Copy link
Copy Markdown
Owner

This pull request delivers a feature release (v1.2.6) for the BlackCat module, focusing on robust Az context change detection and significant enhancements to reconnaissance functions through consistent, configurable result caching. The update ensures that token/session state is properly refreshed when the Az account or context changes, and that repeated scans across reconnaissance commands are much faster and more efficient due to shared, parameterized caching logic.

Az Context Change Detection and Session Management:

  • Invoke-BlackCat now detects changes in the active Az account/context (e.g., after Login-AzAccount, Connect-AzAccount, or Switch-AzContext) and automatically invalidates cached tokens and session headers, preventing stale authentication. The last account ID is tracked in session variables for cross-call comparison. [1] [2] [3]
  • Connect-ServicePrincipal explicitly clears any prior session state from Connect-GraphToken to avoid stale token usage after switching authentication modes.

Reconnaissance Function Caching Enhancements:

  • Find-AzurePublicResource, Find-PublicStorageContainer, Find-SubDomain, and related functions now support consistent caching parameters: SkipCache, CacheExpirationMinutes, MaxCacheSize, and CompressCache. These allow users to control cache usage, expiration, size, and compression for repeated scans, reducing redundant DNS lookups and improving performance. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]
  • All caching logic is now robust to errors, with verbose logging if cache retrieval or storage fails, and cache keys are generated per-parameter for precise result reuse.

Other Improvements:

  • Output format options are expanded (e.g., Table output for Find-AzurePublicResource). [1] [2]
  • The default EndpointType for Invoke-FederatedTokenExchange is now MSGraph instead of Azure.
  • Updated module version to 1.2.6 and added detailed changelog entries for all new features and fixes. [1] [2]

Most important changes:

Az Context and Session Handling:

  • Invoke-BlackCat and Get-AccessToken now track the active Az account and invalidate cached tokens/session headers when the Az context changes, preventing use of stale authentication after context switches. [1] [2] [3]
  • Connect-ServicePrincipal clears Graph token session state when switching authentication modes, ensuring proper token refresh.

Reconnaissance Caching Enhancements:

  • Find-AzurePublicResource, Find-PublicStorageContainer, and Find-SubDomain now support user-configurable caching with parameters for skipping cache, expiration, maximum size, and compression, and cache per-parameter results for efficient repeated scans. [1] [2] [3] [4] [5] [6] [7] [8]

User Experience and Output:

  • Added support for Table output format in Find-AzurePublicResource for improved result readability. [1] [2]
  • Expanded documentation for all new caching parameters in function help. [1] [2] [3]

Other:

  • Changed the default EndpointType in Invoke-FederatedTokenExchange to MSGraph.
  • Bumped module version to 1.2.6 and updated CHANGELOG.md with detailed release notes. [1] [2]

@azurekid azurekid self-assigned this Mar 14, 2026
@azurekid azurekid added bug Something isn't working feature request New feature or request labels Mar 14, 2026
@azurekid azurekid moved this to Testing in Blackcat Roadmap Mar 14, 2026
@azurekid azurekid merged commit 07941a5 into main Mar 14, 2026
3 checks passed
@github-project-automation github-project-automation Bot moved this from Testing to Done in Blackcat Roadmap Mar 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

bug Something isn't working feature request New feature or request

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

1 participant