A collection of scripts for finding threats in Office365
Py365
A collection of scripts for finding threats in Office365.
Prerequisities
This tool requires Reqeusts, Requests-cache and Jinja2 – these can be installed with pip install -r requirements.txt
It requires an administrative access to AzureAD & Office365 environment to set up but no specific account is required for its continued use.
You will need to create a new application registration in the AzureAD portal and grant it the following permissions at the application level and grant admin consent for them:
- Microsoft Graph
- Mail.ReadBasic.All
- MailboxSettings.Read
- User.Read.All
Next, generate a secret and make a record of the secret string as well as the app/client ID.
You will then need to make a copy of config.example.py and update it with your own domain, app id and secret
Usage
Just