Major update(v 1.2) for the Microsoft Extractor Suite

January 24, 2024

We have just released a major update to the Microsoft Extractor Suite. Below an overview of all the functions:

‍

‍

🔧 Installation
𝘐𝘯𝘴𝘵𝘢𝘭𝘭-𝘔𝘰𝘥𝘶𝘭𝘦 -𝘕𝘢𝘮𝘦 𝘔𝘪𝘤𝘳𝘰𝘴𝘰𝘧𝘵-𝘌𝘹𝘵𝘳𝘢𝘤𝘵𝘰𝘳-𝘚𝘶𝘪𝘵𝘦

‍

📈 Entra ID acquisition now supports:
- Get-AdminUsers retrieve users with Administrative privileges
- Get-ConditionalAccessPolicies get all enabled CA policies
- Get-RiskyDetections
- Get-RiskyUsers
- Get-MFA, check MFA enrollment status in your tenant

🔍 Microsoft 365 forensics:
- Get- Sessions, identify sessions in the UAL can be used to detect Adversary in The Middle (AiTM) attacks
- Get-MessageIDs, can be used to find all messages accessed within a session
- Get-Email/Get-Attachment, used to retrieve emails and attachments based on InternetMessageIds

📖 Documentation:

https://microsoft-365-extractor-suite.readthedocs.io/en/latest/

‍