MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure

by ddos · Published May 22, 2025 · Updated May 21, 2025

MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack vectors.

MSFTRecon provides valuable insights for red teamers:

Identity Attack Vectors
- Identifies authentication methods for targeted attacks
- Reveals potential password spray opportunities
- Highlights federation configurations for SAML attacks
Application Attack Surface
- Discovers exposed enterprise applications
- Identifies OAuth abuse opportunities
- Reveals admin consent endpoints for phishing

Infrastructure Insights
- Maps Azure services for lateral movement
- Identifies B2C configurations
- Discovers potential storage misconfigurations
Security Control Awareness
- Detects MDI presence for evasion planning
- Identifies conditional access configurations
- Reveals authentication requirements

Installation

# Clone the repository
git clone https://github.com/Arcanum-Sec/msftrecon.git
cd msftrecon

# Create virtual environment
python3 -m venv venv
source venv/bin/activate

# Install requirements
pip install -r requirements.txt
chmod +x msftrecon.py

Use

Source: https://github.com/Arcanum-Sec/

MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure

Search

Brilliantly

Content & Links