The aim of this tool is to highlight how various O365 cloud services can be leverage as command & control communication channel. It can help to evade / avoid network level detection when the organizations are using O365 cloud services. It might also help to change the perspective of defenders when they find some unknown applications communicating with legitimate services.
This tools is developed in C# which leverages Microsoft Graph API's for communicating with O365 cloud services.
Currently the tool supports 3 O365 cloud services:
* Microsoft Teams
Download Link: https://github.com/3xpl01tc0d3r
Chirag Savla is a Cyber Security professional. His areas of interest include penetration testing, red teaming, defence strategies and post exploitation research. He has over 5 years of experience in Security Testing. He is an active member of a Red team and supports the Blue team in building detection strategies in his organization.
In his spare time, Chirag researches on new attack methodologies. He has presented at null(Open Security Community) and FIRST.org.
He blogs at https://3xpl01tc0d3r.blogspot.com/