Purpose
Further the state of O365 security by authoring a PowerShell script that automates the security assessment of Microsoft Office 365 environments.
Setup
365Inspect requires the administrative PowerShell modules for Microsoft Online, Azure AD (We recommend installing the AzureADPreview module), Exchange administration, Microsoft Graph, Microsoft Intune, Microsoft Teams, and Sharepoint administration.
The 365Inspect.ps1 PowerShell script will validate the installed modules.
If you do not have these modules installed, you will be prompted to install them, and with your approval, the script will attempt installation. Otherwise, you should be able to install them with the following commands in an administrative PowerShell prompt, or by following the instructions at the references below:
Install-Module -Name MSOnline
Install-Module -Name AzureADPreview
Install-Module -Name ExchangeOnlineManagement
Install-Module -Name Microsoft.Online.SharePoint.PowerShell
Install-Module -Name Microsoft.Graph
Install-Module -Name MicrosoftTeams
Install-Module -Name Microsoft.Graph.Intune
Install Exchange Online PowerShell
Install Microsoft Teams PowerShell Module
Install Microsoft Intune PowerShell SDK
Once the above are installed, download the 365Inspect source....
Author
- BlogMay 2, 2022Lupo - Malware IOC Extractor and Debugging module for Malware Analysis Automation
- BlogMay 2, 2022DDexec - a technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process
- BlogApril 28, 2022ADReaper - A fast enumeration tool for Windows Active Directory Pentesting written in Go
- BlogApril 27, 2022Shhhloader - SysWhispers Shellcode Loader