MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure

by · Published · Updated

MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack vectors.

MSFTRecon provides valuable insights for red teamers:

  1. Identity Attack Vectors

    • Identifies authentication methods for targeted attacks
    • Reveals potential password spray opportunities
    • Highlights federation configurations for SAML attacks

  2. Application Attack Surface

    • Discovers exposed enterprise applications
    • Identifies OAuth abuse opportunities
    • Reveals admin consent endpoints for phishing

  3. Infrastructure Insights

    • Maps Azure services for lateral movement
    • Identifies B2C configurations
    • Discovers potential storage misconfigurations

  4. Security Control Awareness

    • Detects MDI presence for evasion planning
    • Identifies conditional access configurations
    • Reveals authentication requirements

Installation

# Clone the repository
git clone https://github.com/Arcanum-Sec/msftrecon.git
cd msftrecon

# Create virtual environment
python3 -m venv venv
source venv/bin/activate

# Install requirements
pip install -r requirements.txt
chmod +x msftrecon.py

Use

Microsoft 365 reconnaissance

Source: https://github.com/Arcanum-Sec/

Tags: