MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure
MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack vectors.
MSFTRecon provides valuable insights for red teamers:
-
Identity Attack Vectors
- Identifies authentication methods for targeted attacks
- Reveals potential password spray opportunities
- Highlights federation configurations for SAML attacks
-
Application Attack Surface
- Discovers exposed enterprise applications
- Identifies OAuth abuse opportunities
- Reveals admin consent endpoints for phishing
-
Infrastructure Insights
- Maps Azure services for lateral movement
- Identifies B2C configurations
- Discovers potential storage misconfigurations
-
Security Control Awareness
- Detects MDI presence for evasion planning
- Identifies conditional access configurations
- Reveals authentication requirements
Installation
[pastacode lang=”bash” manual=”%23%20Clone%20the%20repository%0Agit%20clone%20https%3A%2F%2Fgithub.com%2FArcanum-Sec%2Fmsftrecon.git%0Acd%20msftrecon%0A%0A%23%20Create%20virtual%20environment%0Apython3%20-m%20venv%20venv%0Asource%20venv%2Fbin%2Factivate%0A%0A%23%20Install%20requirements%0Apip%20install%20-r%20requirements.txt%0Achmod%20%2Bx%20msftrecon.py” message=”” highlight=”” provider=”manual”/]
Use
Source: https://github.com/Arcanum-Sec/
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
