-
Notifications
You must be signed in to change notification settings - Fork 72
Release Notes
RedByte edited this page Apr 15, 2025
·
11 revisions
- Fixed the MFA module after Microsoft deprecated the
account.activedirectory.windowsazure.comendpoint. The MFA module now uses themysignins.microsoft.comendpoints.
- Entra ID Module:
- List all users in Entra ID using Microsoft Graph access tokens
- Select which properties are requested for additional customization or OPSEC considerations
- Fully customize which properties are shown in the result table, and export the table to CSV or Excel
- Fetch additional information for a specific user to quickly highlight all useful information, such as its group memberships, role assignments, devices, app roles, and API permissions
- All JSON text now uses color-coded syntax highlighting across all modules
- All JSON can be easily copied using a copy button in the top right corner
- UI improvements to more clearly show a loading animation in several modules for requests that may take a longer time to load.
- MFA Methods module:
- List available and registered authentication options
- Delete registered MFA methods
- Create new MFA methods:
- Microsoft Authenticator App
- Custom OTP App
- Use GraphSpy as OTP App
- Security Keys (WebAuthn / FIDO2)
- Inspired by deviceCode2SecurityKey
- Mobile/Office/Alternative Phones (SMS or call)
- Alternative email address
- Request device codes with
ngcmfaclaim
- Added support for the Azure AD v2.0 token endpoint, allowing to obtain access tokens based on scope instead of resource.
- Note: the v1 token endpoint based on resource is still available (and used by default), although some specific use cases will benefit from having the option to obtain access tokens through the v2.0 endpoint (For example; obtaining access tokens for the MicrosoftAppAccessPanel resource to be able to add any type of MFA method to backdoor the account. Stay tuned!)
- Small fix for an issue that prevented all conversations to load in the MS Teams module when the resolve conversation names feature was used, but the conversation was not a proper MS Teams Chat or Channel.
- Added file upload capabilities to OneDrive & SharePoint (@pwnf - #2)
- Delete files and folders on OneDrive & SharePoint
- Improved MS Teams Module
- List all internal users in the organization
- Search for external users
- Create new conversations (direct messages or group chats) with internal and external users
- Insert fake/forged message quotes in chat messages
- Custom requests now also show the HTTP Response headers
- Improved all table layouts by using the correct DataTables dependencies for Bootstrap 5
- Microsoft Teams Module
- View conversations and chat messages
- Send chat messages in existing conversations using the rich text editor
- List members in a channel or teams space
- Display images and download anonymous files
- Added some color (@HuskyHacks - #1)
- Device Code Table colors based on status
- Access Token Table colors based on expiry
- Added support for colored toast messages/notification
- Custom User Agent
- A custom user agent can now be defined on the Settings page
- This user agent will be used in every request initiated by the GraphSpy server
- By default, one of the latest user agents (at the time of this update) from Google Chrome on Windows will be used.
- Access & Refresh Token modals
- It is now even easier to switch between different access and refresh tokens from any page.
- A "Select" button is present in every Access/Refresh Token ID field which will open an overview where every token is displayed and can be selected.
- Custom API Requests
- Perform custom API requests to any API endpoint using access tokens from the GraphSpy database for authentication
- Custom API Request Variables
- Create custom variables that will be replaced in the URI, Headers, and Body of custom API requests.
- Custom API Request Templates
- Store API Request Templates into the database for easy reuse