-
Notifications
You must be signed in to change notification settings - Fork 165
Home
Beau Bullock edited this page Aug 31, 2023
·
10 revisions
GraphRunner is an offensive post-exploitation toolkit for working with a Microsoft Azure account. It contains various tools for accessing and manipulating data within a tenant and user account.
There are three separate parts to GraphRunner:
A PowerShell script containing a number of modules regarding post-compromise recon, persistence, and pillaging of an account.
An HTML graphic user interface to be used with an access token. Provides various modules around enumeration and pillaging data from services such as Outlook, SharePoint, OneDrive, and Teams.
A basic PHP script that can be used to capture OAuth authorization codes during an OAuth consent flow.