
Invoke-GraphRunner

Beau Bullock edited this page Oct 20, 2023 · 6 revisions

Runs Invoke-GraphRecon, Get-AzureADUsers, Get-SecurityGroups, Invoke-DumpCAPS, Invoke-DumpApps, and then uses the default_detectors.json file to search with Invoke-SearchMailbox, Invoke-SearchSharePointAndOneDrive, and Invoke-SearchTeams.

--OPTIONS--
Tokens              - Pass the $tokens global variable to this parameter after authenticating
DetectorFile        - The JSON detector file. See "default_detectors.json" for an example.
DisableRecon        - Disables Invoke-GraphRecon module
DisableUsers        - Disables Get-AzureADUsers module
DisableGroups       - Disables Get-SecurityGroups module
DisableCAPS         - Disables Invoke-DumpCAPS module
DisableApps         - Disables Invoke-DumpApps module
DisableEmail        - Disables Invoke-SearchMailbox module
DisableSharePoint   - Disables Invoke-SearchSharePointAndOneDrive module
DisableTeams        - Disables Invoke-SearchTeams module

Invoke-GraphRunner -Tokens $tokens

Run with specific tests disabled

Invoke-GraphRunner -Tokens $tokens -DisableRecon -DisableUsers -DisableGroups -DisableCAPS -DisableApps -DisableEmail -DisableTeams
