Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → nyxgeek → O365recon

nyxgeek / O365recon

retrieve information via O365 with a valid cred

Programming Languages

powershell

5483 projects

Labels

hacking pentesting office365

Projects that are alternatives of or similar to O365recon

Attiny85

RubberDucky like payloads for DigiSpark Attiny85

Stars: ✭ 169 (-17.16%)

Mutual labels: hacking, pentesting

Crithit

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

Stars: ✭ 182 (-10.78%)

Mutual labels: hacking, pentesting

Raccoon

A high performance offensive security tool for reconnaissance and vulnerability scanning

Stars: ✭ 2,312 (+1033.33%)

Mutual labels: hacking, pentesting

Hawkeye

Hawkeye filesystem analysis tool

Stars: ✭ 202 (-0.98%)

Mutual labels: hacking, pentesting

Hrshell

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Stars: ✭ 193 (-5.39%)

Mutual labels: hacking, pentesting

Burpsuite Xkeys

A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.

Stars: ✭ 144 (-29.41%)

Mutual labels: hacking, pentesting

Hack Tools

The all-in-one Red Team extension for Web Pentester 🛠

Stars: ✭ 2,750 (+1248.04%)

Mutual labels: hacking, pentesting

Learn Web Hacking

Study Notes For Web Hacking / Web安全学习笔记

Stars: ✭ 2,326 (+1040.2%)

Mutual labels: hacking, pentesting

Getjs

A tool to fastly get all javascript sources/files

Stars: ✭ 190 (-6.86%)

Mutual labels: hacking, pentesting

Webmap

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Stars: ✭ 188 (-7.84%)

Mutual labels: hacking, pentesting

Quiver

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

Stars: ✭ 140 (-31.37%)

Mutual labels: hacking, pentesting

Evil Ssdp

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Stars: ✭ 204 (+0%)

Mutual labels: hacking, pentesting

Networm

Python network worm that spreads on the local network and gives the attacker control of these machines.

Stars: ✭ 135 (-33.82%)

Mutual labels: hacking, pentesting

Jalesc

Just Another Linux Enumeration Script: A Bash script for locally enumerating a compromised Linux box

Stars: ✭ 152 (-25.49%)

Mutual labels: hacking, pentesting

Cr3dov3r

Know the dangers of credential reuse attacks.

Stars: ✭ 1,700 (+733.33%)

Mutual labels: hacking, pentesting

Hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Stars: ✭ 3,741 (+1733.82%)

Mutual labels: hacking, pentesting

Dnstricker

A simple dns resolver of dns-record and web-record log server for pentesting

Stars: ✭ 128 (-37.25%)

Mutual labels: hacking, pentesting

Evil Winrm

The ultimate WinRM shell for hacking/pentesting

Stars: ✭ 2,251 (+1003.43%)

Mutual labels: hacking, pentesting

Awesome Shodan Queries

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Stars: ✭ 2,758 (+1251.96%)

Mutual labels: hacking, pentesting

Mosint

An automated e-mail OSINT tool

Stars: ✭ 184 (-9.8%)

Mutual labels: hacking, pentesting

View All Similar Projects ➔

o365recon

script to retrieve information via O365 with a valid cred

setup

For most people, you will just have to install the MsOnline module

Install-Module MSOnline

If you want to use the commented out Azure stuff, you will have to install AzureAD

Install-Module -Name AzureAD

usage (updated: 1/5/2019)

Now, with FLAGS! By default, will grab all data.

FLAGS
-U               Get Userlist
-users_detailed  Get detailed information for each user
-users_ldap      Pull down user list in ldap style format
-G               Get Group list
-M               Get Group Membership
-D               Get Domain list
-C               Get Company info

-all             Do simple enum - like enum4linux (-U -G -M -D -C). This is run if no other options are selected.
-outputfile      Output file prefix

Example Usage:

.\o365recon.ps1 -outputfile TEST_OUTPUT

No parameters are required to run. It will prompt you to log in, and then it will retrieve all information it can about that account's O365 configuration.

Retrieves:

Company Info (address, etc)
Domain Info (other domains)
Full user list
Full group list
Group membership for every group

You'll see that the code for the Azure version is commented out, but it can be swapped in if you prefer that method.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 204

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (1) 🔗