MFASweep
MFASweep copied to clipboard
dafthack
A tool for checking if MFA is enabled on multiple Microsoft Services
With Microsoft's off/on intentions to disable legacy and basic authentication methods, is it possible to add support to check for legacy and basic authentication support? These methods do not allow...
Added "-UseBasicParsing" to "Invoke-Webrequest" to fix Powershell throwing errors at you.
Authenticating to Microsoft Graph API... and Authenticating to Azure Service Management API... could use a catch for login being denied for a conditional access policy. # Conditional Access Policy ElseIf($RespErr...
`$resp = $_.Exception.Response.GetResponseStream()` this line causes a problem as GetResponseStream() seems to be deprecated since powershell v6+. I ran into this error with the latest powershell v7. A possible fix...
 Just attended your webinar today " Getting Started in Pentesting The Cloud: Azure w/ Beau Bullock (1-Hour) -- Thursday, May 27, 2021, 1:00 PM - 2:00 PM EDT (UTC...
This tool looks good, but I think it it could better if you passed the user credentials as secure strings instead of using plain text. Could you do something like:...
Hey! Loving the script, but I have started getting the error below when trying to run it. I suspect Windows Defender doesn't like the base64 encoded EWS DLL binary that...
Log message incorrectly stated providing "iPhone" user agent when indeed "Windows Phone" was sent.
Can't seem to use this script. It's calling invoke commands that don't exist and I can't find online. Your readme file is lacking information on usage.
I tested this a few days ago with a Conditional Access Policy that allowed Android access. The script looks for some hard-coded string in the login response which is not...
