MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A fork of the great TokenTactics with support for CAE and token endpoint v2

Initial Access and Post-Exploitation Tool for Entra ID and M365 with a browser-based GUI

Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily

😎 Awesome list of all things related to Microsoft Entra

It helps penetration testers or red teamers identify clients that allow **single-factor token acquisition** using username and password only — bypassing Conditional Access and MFA, if allowed by th…

A collection of scripts for assessing Microsoft Azure security

Research into Undocumented Behavior of Azure AD Refresh Tokens

A collection of Azure AD/Entra tools for offensive and defensive security purposes

Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy

A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable with a simple HTML GUI.

A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens

AzureADRecon is a tool which gathers information about the Azure Active Directory and generates a report which can provide a holistic picture of the current state of the target environment.

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Azure AD cheatsheet for the CARTP course

Security tools for purple team, AI security, and M365/GWS. Authorized use only.

a map for the azure oriented pentests