Cloud-20Engineering/Powershell/RunBooks/SubdomainTakeOverCheck.ps1

using module Effectory.Dns

$effectoryDomainPattern = "*.effectory.com"

Import-Module Az.Accounts
Import-Module Az.Websites
Import-Module Az.FrontDoor
Import-Module Az.Storage
Import-Module Az.Cdn
Import-Module Az.Network
Import-Module Az.TrafficManager
Import-Module Az.ContainerInstance
Import-Module Az.Automation
Import-Module Az.Resources
Import-Module Az.ApiManagement
Import-Module Effectory.Dns -Force
Import-Module DnsClient-PS

# --------------------------------------------------------- Connect to Azure
$connectionName = "AzureRunAsConnection"
try
{
    # Get the connection "AzureRunAsConnection "
    $servicePrincipalConnection = Get-AutomationConnection -Name $connectionName       
    $account = Connect-AzAccount `
        -ServicePrincipal `
        -TenantId $servicePrincipalConnection.TenantId `
        -ApplicationId $servicePrincipalConnection.ApplicationId `
        -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint 
    Write-Verbose ("Connected with Automation Account [$($account.Account)]")
}
catch {
    if (!$servicePrincipalConnection)
    {
        throw "Connection $($connectionName) not found."
    } 
    else
    {
        Write-Error -Message $_.Exception
        throw $_.Exception
    }
}

# --------------------------------------------------------------- Get the connection string
$connectionName = "RunbooksEffectory-StorageConnectionString"
try
{
    $Cred = Get-AutomationPSCredential -Name $connectionName 
    $connectionString = $cred.GetNetworkCredential().Password
    Write-Verbose ("Retrieved connection string to Storage Account [$($cred.UserName)]")
}
catch {
    if (!$connectionString)
    {
        throw "Connection $($connectionName) not found."
    } 
    else
    {
        Write-Error -Message $_.Exception
        throw $_.Exception
    }
}

try {
    # --------------------------------------------------------------- Get the current resources
    $subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"

    [EffectoryDomainNameCheck[]]$effectoryResources = @()

    foreach ($subscription in $subscriptions) 
    {
        $items = Get-EffectoryDomainResources -subscriptionId $subscription.Id -effectoryDomainPattern $effectoryDomainPattern
        $effectoryResources = $effectoryResources + $items
    }

    # --------------------------------------------------------------- Get and compare the previous resources to the current resources

    $effectoryResourcesPrevious = Get-BlobEffectoryDomainResources -connectionString $connectionString
    $hasErrors = VerifyEffectoryDomainResources  -effectoryDomainPattern $effectoryDomainPattern -effectoryResources $effectoryResources -effectoryResourcesPrevious $effectoryResourcesPrevious

    if ($hasErrors -eq $false) {
        Set-BlobEffectoryDomainResources -connectionString $connectionString -effectoryResources $effectoryResources
    }
    else {
        throw "Found domains that could possibly be used for subdomain takeover. Check the log for details."
    }
}
catch {
    Write-Error -Message $_.Exception
    throw $_.Exception
}