GraphRunnerGUI.html
While not as fully featured as the GraphRunner PowerShell script the HTML GUI can be useful in times when you want to visually click through items such as email, Teams messages, SharePoint/OneDrive drives, and more. All it requires is that you have an authenticated access token to the Microsoft Graph API. Each of the functionalities require different permissions so unless your token has been scoped correctly some functions may not work.
Open the GraphRunnerGUI.html file in a web browser. Once opened, input your authenticated access token into the "Access Token" field. After doing so, all functionality in the page will utilize this token during requests to the Microsoft Graph API. It's important to understand that every action against the Microsoft Graph API relies on specific permissions being scoped to the token you have. When in doubt refer to this permissions reference guide: https://learn.microsoft.com/en-us/graph/permissions-reference
The GUI has a "Parse Token" function that will parse your token and display the permissions that are scoped to your token.
The Custom API Request section gives you a place to make custom requests to the API if you wish. You can use the drop down to select other HTTP methods and can use the text box to insert POST data.
The directory sections provide the ability to gather users and groups from the directory. The "Export" button will create a text file of the results. Clicking on a group name will display the members of that group below.
The "Email Viewer (Current User)" section is where you can load recent messages from the current account as well as search for specific terms. Clicking on a message will load it in an HTML email viewer below the list of emails.
The "Email Viewer (Other Users)" section is where you can read mailboxes that have been shared by other users. Use this in collaboration with the Invoke-GraphOpenInboxFinder module from the GraphRunner.ps1 script to discover mailboxes that have been misconfigured in the tenant to allow other users to access them.
The "Send Email" section allows you to send emails from the current account including the ability to add attachments.
The "Teams Chat Viewer (Direct Messages and Group Chat)" loads Teams chat conversations where the user is either DM'ing with someone or part of a group chat. Clicking on the conversation date box will load the recent messages from that chat. While a conversation is selected messages can be sent to that particular conversation through the "Send Message to Teams Chat" text box.
The "Teams Chat Viewer (Org Teams)" can list out the organizational channels the user is a part of.
The "OneDrive My Files" button will load files from the current user's OneDrive file share. Folders can be navigated through and files can be downloaded here.
The "OneDrive Shared Files" button will load files that have been shared with the user. This is commonly where files sent through Teams messages are located.
The SharePoint section will load the user's SharePoint documents.
