Network Security Channel

It consists of three separate parts: A PowerShell script where the majority of modules are located An HTML GUI that can leverage an access token to navigate and pillage a user's account A simple PHP redirector for harvesting authentication codes during an OAuth flow Main Features Search and export email Search and export SharePoint and OneDrive files accessible to a user Search all Teams chats and channels visible to the user and export full conversations Deploy malicious apps Discover misconfigured mailboxes that are exposed Clone security groups to carry out watering hole attacks Find groups that can be modified directly by your user or where membership rules can be abused to gain access Search all user attributes for specific terms Leverage a GUI built on the Graph API to pillage a user's account Dump conditional access policies Dump app registrations and external apps including consent and scope to identify potentially malicious apps Tools to complete OAuth flow during consent grant attacks GraphRunner doesn't rely on any third-party libraries or modules Works with Windows and Linux Continuously refresh your token package