hero background
Open Source Tool MIT License

punch-bus

A small utility to test Azure Service Bus

View on GitHub

About punch-bus

punch-bus is a small utility inspired by punch-q, designed to support security testing on Azure Service Bus. It is a toolkit for enumerating and exploring namespaces, sniffing and injecting messages, and discovering Azure Service Bus resources.

Core Capabilities

Using punch-bus, you can discover valid Azure Service Bus namespaces through wordlist enumeration, map out existing queues, topics, and subscriptions, validate authentication while assessing granular access permissions, and actively sniff, dump, inject, or replay messages to identify misconfigurations and manipulate messaging flows.

Core Commands

  • auth: Test authentication and authorization permissions on Azure Service Bus namespaces
  • completion: Generate the autocompletion script for the specified shell
  • discover: Enumerate and discover Azure Service Bus resources
  • enum: Enumerate and recon Azure Service Bus namespaces
  • messages: Sniff, dump, inject, and replay messages
  • help: Help about any command