Skip to content

m-hanisch/DCToolbox

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
DCToolbox.psd1
DCToolbox.psd1
 
 
DCToolbox.psm1
DCToolbox.psm1
 
 
README.md
README.md
 
 

Repository files navigation

DCToolbox

A PowerShell toolbox for Microsoft 365 security fans.

Author: Daniel Chronlund

Introduction

This PowerShell module contains a collection of tools for Microsoft 365 security tasks, Microsoft Graph functions, Azure AD management, Conditional Access, zero trust strategies, attack and defense scenarios, etc.

Get Started

Install the module from the PowerShell Gallery by running:

Install-Module DCToolbox

If you already installed it, update to the latest version by running:

Update-Module DCToolbox

PowerShell Gallery package link: https://www.powershellgallery.com/packages/DCToolbox

When you have installed it, to get started, run:

Get-DCHelp

Explore and copy script examples to your clipboard with:

Copy-DCExample

Included Tools

New-DCM365ConfigReport

Gather basic configuration settings from a Microsoft 365 tenant and crates an Excel report.

Connect-DCMsGraphAsDelegated

Gather basic configuration data from a Microsoft 365 tenant.

Connect-DCMsGraphAsDelegated

Connect to Microsoft Graph with delegated credentials (interactive login will popup).

Connect-DCMsGraphAsApplication

Connect to Microsoft Graph with application credentials.

Invoke-DCMsGraphQuery

Run a Microsoft Graph query.

Enable-DCAzureADPIMRole

Activate one or more Azure AD Privileged Identity Management (PIM) role with PowerShell.

Get-DCPublicIp

Get current public IP address information. You can use the -UseTorHttpProxy to route traffic through a running Tor network HTTP proxy that was started by Start-DCTorHttpProxy.

Start-DCTorHttpProxy

Start a Tor network HTTP proxy that can be used for anonymization of HTTP traffic in PowerShell. Requires proxy support in the PowerShell CMDlet you want to anonymise. Many of the tools included in DCToolbox supports this.

Test-DCAzureAdUserExistence

Test if an account exists in Azure AD for specified email addresses.

Test-DCAzureAdCommonAdmins

Test if common and easily guessed admin usernames exist for specified Azure AD domains.

Test-DCLegacyAuthentication

Test if legacy authentication is allowed in Office 365 for a particular user.

Get-DCAzureADUsersAndGroupsAsGuest

Lets a guest user enumerate users and security groups/teams when 'Guest user access restrictions' in Azure AD is set to the default configuration.

Export-DCConditionalAccessPolicyDesign

This CMDlet uses Microsoft Graph to export all Conditional Access policies in the tenant to a JSON file. This JSON file can be used for backup, documentation or to deploy the same policies again with Import-DCConditionalAccessPolicyDesign.

Import-DCConditionalAccessPolicyDesign

This CMDlet uses Microsoft Graph to automatically create Conditional Access policies from a JSON file. The JSON file can be created from existing policies with Export-DCConditionalAccessPolicyDesign or manually by following the syntax described in the Microsoft Graph documentation.

New-DCConditionalAccessPolicyDesignReport

Automatically generate an Excel report containing your current Conditional Access policy design.

New-DCConditionalAccessAssignmentReport

Automatically generate an Excel report containing your current Conditional Access assignments.

Please follow me on my blog https://danielchronlund.com, on LinkedIn and on Twitter!

@DanielChronlund

About

Tools for Microsoft cloud fans

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell 100.0%