We have just released a major update to the Microsoft Extractor Suite.
โ
๐ง Installation
๐๐ฏ๐ด๐ต๐ข๐ญ๐ญ-๐๐ฐ๐ฅ๐ถ๐ญ๐ฆ -๐๐ข๐ฎ๐ฆ ๐๐ช๐ค๐ณ๐ฐ๐ด๐ฐ๐ง๐ต-๐๐น๐ต๐ณ๐ข๐ค๐ต๐ฐ๐ณ-๐๐ถ๐ช๐ต๐ฆ
โ
๐ Entra ID acquisition now supports:
- Get-AdminUsers retrieve users with Administrative privileges
- Get-ConditionalAccessPolicies get all enabled CA policies
- Get-RiskyDetections
- Get-RiskyUsers
- Get-MFA, check MFA enrollment status in your tenant
๐ Microsoft 365 forensics:
- Get- Sessions, identify sessions in the UAL can be used to detect Adversary in The Middle (AiTM) attacks
- Get-MessageIDs, can be used to find all messages accessed within a session
- Get-Email/Get-Attachment, used to retrieve emails and attachments based on InternetMessageIds
๐ Documentation:
https://microsoft-365-extractor-suite.readthedocs.io/en/latest/
โ