azuread topic

365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.

AlteredSecurity

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

silverhack

An iOS sample in Swift that authenticates Microsoft Account and Azure AD users and calls the Graph API using OAuth 2.0

Azure-Samples

My everyday PS code as well as a collection of scripts I have downloaded for reference

compwiz32

Active directory Join script for Ubuntu, Debian, CentOS, Linux Mint, Fedora, Kali, Elementary OS and Raspbian with built in failchcheck and debugmode for Ubuntu. "The most advanced and updated AD join...

PierreGode

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

nyxgeek

Collect / retrieve Office365, AzureAD and DLP audit logs and output to PRTG, Azure Log Analytics Workspace, SQL, Graylog, Fluentd, and/or file output.

ddbnl

Helper functions to connect to Office 365 services or Exchange On-Premises.

michelderooij

An example project to demonstrate the OAuth 2.0 authorization code flow against a protected web api resource with RBAC roles.

keithbabinec

The DNN Azure Active Directory B2C Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory B2C OAuth2 authentication to authenticate users.

intelequia