From ddb6d47f4dfab0b23725a987fb371a38291c6be0 Mon Sep 17 00:00:00 2001
From: ishikap-metron <ishika.patidar@metronlabs.com>
Date: Fri, 8 Aug 2025 12:31:43 +0530
Subject: [PATCH 1/4] Create USER_GUIDE.md

---
 published-azurehound-application-user-guide/USER_GUIDE.md | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 published-azurehound-application-user-guide/USER_GUIDE.md

diff --git a/published-azurehound-application-user-guide/USER_GUIDE.md b/published-azurehound-application-user-guide/USER_GUIDE.md
new file mode 100644
index 00000000..9d9015a2
--- /dev/null
+++ b/published-azurehound-application-user-guide/USER_GUIDE.md
@@ -0,0 +1 @@
+Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace

From 3abd8294ad455bd7c73705a506ce63e6b6eb82b0 Mon Sep 17 00:00:00 2001
From: ishikap-metron <ishika.patidar@metronlabs.com>
Date: Fri, 8 Aug 2025 13:08:42 +0530
Subject: [PATCH 2/4] Updated USER_GUIDE.md

---
 .../USER_GUIDE.md                             | 96 ++++++++++++++++++-
 1 file changed, 95 insertions(+), 1 deletion(-)

diff --git a/published-azurehound-application-user-guide/USER_GUIDE.md b/published-azurehound-application-user-guide/USER_GUIDE.md
index 9d9015a2..6a8cfa90 100644
--- a/published-azurehound-application-user-guide/USER_GUIDE.md
+++ b/published-azurehound-application-user-guide/USER_GUIDE.md
@@ -1 +1,95 @@
-Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace
+**Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace**
+1. Log in to the Azure Portal
+2. In the Azure Portal, search and select Marketplace.
+3. Use the search bar to find SpecterOps AzureHound.
+<img width="773" height="660" alt="image10" src="https://github.com/user-attachments/assets/4e040def-01c8-4643-88f0-a7821ba55808" />
+
+
+4. From the search results, click on SpecterOps AzureHound to open the product page.
+5. Click the "Create" button to begin the deployment process.
+<img width="1023" height="791" alt="image11" src="https://github.com/user-attachments/assets/94e479b6-d5f3-41ab-acbd-4a15344b2cf9" />
+
+
+6. Configure Basic Settings :
+- Choose the Subscription under which to deploy the application.
+- Select or create a Resource Group.
+- Enter a Region for deployment.
+- Provide a name for your Managed Application, then click Next.
+
+<img width="832" height="869" alt="image5" src="https://github.com/user-attachments/assets/3f2407fe-5918-471f-a684-898671ca97fd" />
+
+Steps to Register an Application in Microsoft Entra ID
+- Sign in to the Microsoft Entra Admin Center.
+- Navigate to Entra ID > App registrations.
+- Click + New registration.
+- Provide a meaningful Name for the application (e.g., azurehound-client-app).
+- Under Supported account types, select - Accounts in this organizational directory only.
+- Click Register to create the application.
+- Once registration is complete, you'll be redirected to the application’s Overview page.
+- Copy and save the Application (client) ID — you'll need it during deployment.
+
+ Create a new application secret
+- Select App registrations and select your application from the list.
+- Select Certificates & secrets.
+- Select Client secrets, and then Select New client secret.
+- Provide a description of the secret, and a duration.
+- Select Add.
+
+To obtain the BloodHound Token ID and Token Secret, follow these steps:
+- Log in to your BloodHound instance.
+- Navigate to Administration > Manage Clients.
+- Click Create Client to generate a new managed client.
+- Once created, copy the Token ID and Token Secret — these values will be used in the application deployment parameters.
+
+<img width="801" height="458" alt="image1" src="https://github.com/user-attachments/assets/7507863d-23f6-4ea6-861d-78c493a83837" />
+
+
+7. Fill in the required Azurehound Config Params:
+- Azure Tenant ID - Your Azure Tenant ID.
+- Azure Application ID - Register an application in Microsoft Entra ID, and grant it the Directory.Read.All, RoleManagement.Read.All API permissions and admin consent.
+<img width="1071" height="286" alt="image7" src="https://github.com/user-attachments/assets/906587fe-9fb4-4c77-b669-d6ac400fb5cf" />
+
+
+- Azure Secret ID - Create a Client Secret for the registered app, and enter the secret value (not the ID).
+- BloodHound Instance Domain - Enter your BloodHound instance domain name
+- BloodHound Token ID - Enter the Managed Client Token ID.
+- BloodHound Token Secret -Enter the Managed Client Token Secret.
+- Azure Function Package - Enter URI to access Azure Function Package
+  https://saazurehounddev.blob.core.windows.net/azurefunction/containerRestartFunction.zip 
+
+8. Click Next, then Review + Create.
+After validation, click Create to begin deployment.
+
+
+**Start a job in Bloodhound**
+
+After creating a Client in the Manage Clients section of BloodHound:
+- Locate your client in the list.
+- Click the menu icon (three horizontal lines) on the right side of the client row.
+- Select On Demand Scan and click Run to start the job immediately.
+- Optional - Schedule a Job (If you'd like AzureHound to run on a regular schedule)
+Click Edit Client > Configure the Collection Schedule based on your preferred timing and frequency > Save the changes to apply the schedule.
+
+<img width="348" height="891" alt="image3" src="https://github.com/user-attachments/assets/61848c27-9d3d-4a88-93e0-4dd4e389da36" />
+<img width="348" height="274" alt="image2" src="https://github.com/user-attachments/assets/61526c96-fd95-4f0f-84d0-d84dd25161e7" />
+
+After the deployment is finished, you can check your managed application's status.
+Navigate to the resource group you selected during the deployment. Under the Overview tab, you will find your deployed Managed Application listed among the resources.
+<img width="1334" height="533" alt="image6" src="https://github.com/user-attachments/assets/47976b83-3d66-4c96-8fd8-73605de0f794" />
+
+Click on your deployed Managed Application
+<img width="1187" height="658" alt="new-image-" src="https://github.com/user-attachments/assets/79b35322-4e80-434c-a1a9-1a8541619dc1" />
+Click on the Managed resource group, and you can see the resources deployed.
+
+**View Logs from the Deployed Container App**
+To monitor and troubleshoot your AzureHound deployment, you can access real-time logs from the container app:
+- In the Managed resource group, in Resources, search for the container app and open the Container App resource.
+  
+<img width="1080" height="323" alt="image4" src="https://github.com/user-attachments/assets/5f5675e1-7bb1-40a9-8c45-b0b51f3cf1d3" />
+
+- In the left-hand search bar within the Container App blade, type Log Stream and select it from the options.
+- Set the Display to Real-Time.
+- Under Category, select Application to view logs generated by the AzureHound application.
+<img width="977" height="465" alt="image8" src="https://github.com/user-attachments/assets/54d22ee8-d35d-4463-88d6-8bed15c4255b" />
+
+By following the steps outlined in this guide, you can successfully deploy and configure AzureHound as a Managed Application in Microsoft Azure. This streamlined approach ensures minimal manual setup, secure integration with Azure services, and seamless visualization of Azure data within the BloodHound platform.

From bab5da6bf371d7fae0a1754f8fcb292cb22da6cc Mon Sep 17 00:00:00 2001
From: ishikap-metron <ishika.patidar@metronlabs.com>
Date: Fri, 8 Aug 2025 15:58:11 +0530
Subject: [PATCH 3/4] Final changes with ss

---
 .../USER_GUIDE.md                             | 76 ++++++++++---------
 1 file changed, 39 insertions(+), 37 deletions(-)

diff --git a/published-azurehound-application-user-guide/USER_GUIDE.md b/published-azurehound-application-user-guide/USER_GUIDE.md
index 6a8cfa90..43dc1220 100644
--- a/published-azurehound-application-user-guide/USER_GUIDE.md
+++ b/published-azurehound-application-user-guide/USER_GUIDE.md
@@ -1,60 +1,61 @@
 **Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace**
 1. Log in to the Azure Portal
 2. In the Azure Portal, search and select Marketplace.
-3. Use the search bar to find SpecterOps AzureHound.
+3. Use the search bar to find **SpecterOps AzureHound**.
 <img width="773" height="660" alt="image10" src="https://github.com/user-attachments/assets/4e040def-01c8-4643-88f0-a7821ba55808" />
 
-
 4. From the search results, click on SpecterOps AzureHound to open the product page.
 5. Click the "Create" button to begin the deployment process.
-<img width="1023" height="791" alt="image11" src="https://github.com/user-attachments/assets/94e479b6-d5f3-41ab-acbd-4a15344b2cf9" />
+<img width="1023" height="791" alt="image11" src="https://github.com/user-attachments/assets/10fb6bfb-8c31-4682-9f42-2eeee3f873ce" />
+
 
 
 6. Configure Basic Settings :
-- Choose the Subscription under which to deploy the application.
-- Select or create a Resource Group.
-- Enter a Region for deployment.
-- Provide a name for your Managed Application, then click Next.
-
-<img width="832" height="869" alt="image5" src="https://github.com/user-attachments/assets/3f2407fe-5918-471f-a684-898671ca97fd" />
-
-Steps to Register an Application in Microsoft Entra ID
-- Sign in to the Microsoft Entra Admin Center.
-- Navigate to Entra ID > App registrations.
-- Click + New registration.
-- Provide a meaningful Name for the application (e.g., azurehound-client-app).
-- Under Supported account types, select - Accounts in this organizational directory only.
-- Click Register to create the application.
+- Choose the **Subscription** under which to deploy the application.
+- Select or create a **Resource Group**.
+- Enter a **Region** for deployment.
+- Provide a name for your **Managed Application**, then click Next.
+<img width="832" height="869" alt="image5" src="https://github.com/user-attachments/assets/786de45b-7506-4a2e-b0bb-dae1430404fe" />
+
+
+**Steps to Register an Application in Microsoft Entra ID**
+- Sign in to the **Microsoft Entra** Admin Center.
+- Navigate to **Entra ID** > **App registrations**.
+- Click - **New registration**.
+- Provide a meaningful Name for the Application (e.g., azurehound-client-app).
+- Under Supported account types, select - **Accounts in this organizational directory only**.
+- Click Register to create the Application.
 - Once registration is complete, you'll be redirected to the application’s Overview page.
-- Copy and save the Application (client) ID — you'll need it during deployment.
+- Copy and save the **Application (client) ID** — you'll need it during deployment.
 
- Create a new application secret
+ **Create a new Application Secret**
 - Select App registrations and select your application from the list.
-- Select Certificates & secrets.
+- Select **Certificates & secrets**.
 - Select Client secrets, and then Select New client secret.
 - Provide a description of the secret, and a duration.
-- Select Add.
+- Select **Add**.
 
-To obtain the BloodHound Token ID and Token Secret, follow these steps:
-- Log in to your BloodHound instance.
-- Navigate to Administration > Manage Clients.
-- Click Create Client to generate a new managed client.
-- Once created, copy the Token ID and Token Secret — these values will be used in the application deployment parameters.
+**To obtain the BloodHound Token ID and Token Secret, follow these steps:**
+- Log in to your **BloodHound instance**.
+- Navigate to **Administration** > **Manage Clients**.
+- Click Create Client to generate a new Managed Client.
+- Once created, copy the **Token ID** and **Token Secret** — these values will be used in the application deployment parameters.
 
 <img width="801" height="458" alt="image1" src="https://github.com/user-attachments/assets/7507863d-23f6-4ea6-861d-78c493a83837" />
 
 
-7. Fill in the required Azurehound Config Params:
-- Azure Tenant ID - Your Azure Tenant ID.
-- Azure Application ID - Register an application in Microsoft Entra ID, and grant it the Directory.Read.All, RoleManagement.Read.All API permissions and admin consent.
-<img width="1071" height="286" alt="image7" src="https://github.com/user-attachments/assets/906587fe-9fb4-4c77-b669-d6ac400fb5cf" />
+7. Fill in the required AzureHound Config Params:
+- **Azure Tenant ID** - Your Azure Tenant ID.
+- **Azure Application ID** - Register an application in Microsoft Entra ID, and grant it the Directory.Read.All, RoleManagement.Read.All API permissions and admin consent.
 
+<img width="1071" height="286" alt="image7" src="https://github.com/user-attachments/assets/aaca6471-2935-4725-afaf-fb057cd6fb6a" />
 
-- Azure Secret ID - Create a Client Secret for the registered app, and enter the secret value (not the ID).
-- BloodHound Instance Domain - Enter your BloodHound instance domain name
-- BloodHound Token ID - Enter the Managed Client Token ID.
-- BloodHound Token Secret -Enter the Managed Client Token Secret.
-- Azure Function Package - Enter URI to access Azure Function Package
+
+- **Azure Secret ID** - Create a Client Secret for the registered app, and enter the secret value (not the ID).
+- **BloodHound Instance Domain** - Enter your BloodHound instance domain name
+- **BloodHound Token ID** - Enter the Managed Client Token ID.
+- **BloodHound Token Secret** -Enter the Managed Client Token Secret.
+- **Azure Function Package** - Enter URI to access Azure Function Package
   https://saazurehounddev.blob.core.windows.net/azurefunction/containerRestartFunction.zip 
 
 8. Click Next, then Review + Create.
@@ -75,9 +76,10 @@ Click Edit Client > Configure the Collection Schedule based on your preferred ti
 
 After the deployment is finished, you can check your managed application's status.
 Navigate to the resource group you selected during the deployment. Under the Overview tab, you will find your deployed Managed Application listed among the resources.
-<img width="1334" height="533" alt="image6" src="https://github.com/user-attachments/assets/47976b83-3d66-4c96-8fd8-73605de0f794" />
 
-Click on your deployed Managed Application
+<img width="1334" height="533" alt="image6" src="https://github.com/user-attachments/assets/b0d5fb11-bcaa-47a8-a993-eceb63c7b3b7" />
+
+Click on your **deployed Managed Application**
 <img width="1187" height="658" alt="new-image-" src="https://github.com/user-attachments/assets/79b35322-4e80-434c-a1a9-1a8541619dc1" />
 Click on the Managed resource group, and you can see the resources deployed.
 

From 956881dbab2a0417825019a7d7d5b7424e9aed6d Mon Sep 17 00:00:00 2001
From: ishikap-metron <ishika.patidar@metronlabs.com>
Date: Mon, 11 Aug 2025 13:29:30 +0530
Subject: [PATCH 4/4] Update USER_GUIDE.md

---
 .../USER_GUIDE.md                             | 39 +++++++++----------
 1 file changed, 19 insertions(+), 20 deletions(-)

diff --git a/published-azurehound-application-user-guide/USER_GUIDE.md b/published-azurehound-application-user-guide/USER_GUIDE.md
index 43dc1220..9b099cc6 100644
--- a/published-azurehound-application-user-guide/USER_GUIDE.md
+++ b/published-azurehound-application-user-guide/USER_GUIDE.md
@@ -1,12 +1,12 @@
-**Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace**
+# Steps to Deploy the SpecterOps AzureHound Managed Application from the Azure Marketplace
 1. Log in to the Azure Portal
 2. In the Azure Portal, search and select Marketplace.
 3. Use the search bar to find **SpecterOps AzureHound**.
-<img width="773" height="660" alt="image10" src="https://github.com/user-attachments/assets/4e040def-01c8-4643-88f0-a7821ba55808" />
+<img width="773" height="660" alt="Marketplace search for AzureHound" src="https://github.com/user-attachments/assets/4e040def-01c8-4643-88f0-a7821ba55808" />
 
 4. From the search results, click on SpecterOps AzureHound to open the product page.
 5. Click the "Create" button to begin the deployment process.
-<img width="1023" height="791" alt="image11" src="https://github.com/user-attachments/assets/10fb6bfb-8c31-4682-9f42-2eeee3f873ce" />
+<img width="1023" height="791" alt="SpecterOps AzureHound Managed Application" src="https://github.com/user-attachments/assets/10fb6bfb-8c31-4682-9f42-2eeee3f873ce" />
 
 
 
@@ -15,10 +15,10 @@
 - Select or create a **Resource Group**.
 - Enter a **Region** for deployment.
 - Provide a name for your **Managed Application**, then click Next.
-<img width="832" height="869" alt="image5" src="https://github.com/user-attachments/assets/786de45b-7506-4a2e-b0bb-dae1430404fe" />
+<img width="832" height="869" alt="AzureHound Basic Config" src="https://github.com/user-attachments/assets/786de45b-7506-4a2e-b0bb-dae1430404fe" />
 
 
-**Steps to Register an Application in Microsoft Entra ID**
+### Steps to Register an Application in Microsoft Entra ID
 - Sign in to the **Microsoft Entra** Admin Center.
 - Navigate to **Entra ID** > **App registrations**.
 - Click - **New registration**.
@@ -28,41 +28,40 @@
 - Once registration is complete, you'll be redirected to the application’s Overview page.
 - Copy and save the **Application (client) ID** — you'll need it during deployment.
 
- **Create a new Application Secret**
+### Create a new Application Secret
 - Select App registrations and select your application from the list.
 - Select **Certificates & secrets**.
 - Select Client secrets, and then Select New client secret.
 - Provide a description of the secret, and a duration.
 - Select **Add**.
 
-**To obtain the BloodHound Token ID and Token Secret, follow these steps:**
+### To obtain the BloodHound Token ID and Token Secret, follow these steps:
 - Log in to your **BloodHound instance**.
 - Navigate to **Administration** > **Manage Clients**.
 - Click Create Client to generate a new Managed Client.
 - Once created, copy the **Token ID** and **Token Secret** — these values will be used in the application deployment parameters.
 
-<img width="801" height="458" alt="image1" src="https://github.com/user-attachments/assets/7507863d-23f6-4ea6-861d-78c493a83837" />
+<img width="801" height="458" alt="AzureHound Config" src="https://github.com/user-attachments/assets/7507863d-23f6-4ea6-861d-78c493a83837" />
 
 
 7. Fill in the required AzureHound Config Params:
 - **Azure Tenant ID** - Your Azure Tenant ID.
 - **Azure Application ID** - Register an application in Microsoft Entra ID, and grant it the Directory.Read.All, RoleManagement.Read.All API permissions and admin consent.
 
-<img width="1071" height="286" alt="image7" src="https://github.com/user-attachments/assets/aaca6471-2935-4725-afaf-fb057cd6fb6a" />
+<img width="1071" height="286" alt="Azure Client Graph Permission" src="https://github.com/user-attachments/assets/aaca6471-2935-4725-afaf-fb057cd6fb6a" />
 
 
 - **Azure Secret ID** - Create a Client Secret for the registered app, and enter the secret value (not the ID).
 - **BloodHound Instance Domain** - Enter your BloodHound instance domain name
 - **BloodHound Token ID** - Enter the Managed Client Token ID.
 - **BloodHound Token Secret** -Enter the Managed Client Token Secret.
-- **Azure Function Package** - Enter URI to access Azure Function Package
-  https://saazurehounddev.blob.core.windows.net/azurefunction/containerRestartFunction.zip 
-
+- **Azure Function Package** - Enter URI to access the [Azure Function Package](https://saazurehounddev.blob.core.windows.net/azurefunction/containerRestartFunction.zip)
+   
 8. Click Next, then Review + Create.
 After validation, click Create to begin deployment.
 
 
-**Start a job in Bloodhound**
+## Start a job in Bloodhound
 
 After creating a Client in the Manage Clients section of BloodHound:
 - Locate your client in the list.
@@ -71,27 +70,27 @@ After creating a Client in the Manage Clients section of BloodHound:
 - Optional - Schedule a Job (If you'd like AzureHound to run on a regular schedule)
 Click Edit Client > Configure the Collection Schedule based on your preferred timing and frequency > Save the changes to apply the schedule.
 
-<img width="348" height="891" alt="image3" src="https://github.com/user-attachments/assets/61848c27-9d3d-4a88-93e0-4dd4e389da36" />
-<img width="348" height="274" alt="image2" src="https://github.com/user-attachments/assets/61526c96-fd95-4f0f-84d0-d84dd25161e7" />
+<img width="348" height="891" alt="Create BloodHound Manage Client" src="https://github.com/user-attachments/assets/61848c27-9d3d-4a88-93e0-4dd4e389da36" />
+<img width="348" height="274" alt="Create AzureHound Client" src="https://github.com/user-attachments/assets/61526c96-fd95-4f0f-84d0-d84dd25161e7" />
 
 After the deployment is finished, you can check your managed application's status.
 Navigate to the resource group you selected during the deployment. Under the Overview tab, you will find your deployed Managed Application listed among the resources.
 
-<img width="1334" height="533" alt="image6" src="https://github.com/user-attachments/assets/b0d5fb11-bcaa-47a8-a993-eceb63c7b3b7" />
+<img width="1334" height="533" alt="Resource group" src="https://github.com/user-attachments/assets/b0d5fb11-bcaa-47a8-a993-eceb63c7b3b7" />
 
 Click on your **deployed Managed Application**
-<img width="1187" height="658" alt="new-image-" src="https://github.com/user-attachments/assets/79b35322-4e80-434c-a1a9-1a8541619dc1" />
+<img width="1187" height="658" alt="Managed Application" src="https://github.com/user-attachments/assets/79b35322-4e80-434c-a1a9-1a8541619dc1" />
 Click on the Managed resource group, and you can see the resources deployed.
 
-**View Logs from the Deployed Container App**
+## View Logs from the Deployed Container App
 To monitor and troubleshoot your AzureHound deployment, you can access real-time logs from the container app:
 - In the Managed resource group, in Resources, search for the container app and open the Container App resource.
   
-<img width="1080" height="323" alt="image4" src="https://github.com/user-attachments/assets/5f5675e1-7bb1-40a9-8c45-b0b51f3cf1d3" />
+<img width="1080" height="323" alt="Container App" src="https://github.com/user-attachments/assets/5f5675e1-7bb1-40a9-8c45-b0b51f3cf1d3" />
 
 - In the left-hand search bar within the Container App blade, type Log Stream and select it from the options.
 - Set the Display to Real-Time.
 - Under Category, select Application to view logs generated by the AzureHound application.
-<img width="977" height="465" alt="image8" src="https://github.com/user-attachments/assets/54d22ee8-d35d-4463-88d6-8bed15c4255b" />
+<img width="977" height="465" alt="Container Log Stream" src="https://github.com/user-attachments/assets/54d22ee8-d35d-4463-88d6-8bed15c4255b" />
 
 By following the steps outlined in this guide, you can successfully deploy and configure AzureHound as a Managed Application in Microsoft Azure. This streamlined approach ensures minimal manual setup, secure integration with Azure services, and seamless visualization of Azure data within the BloodHound platform.