DCToolbox
A PowerShell toolbox for Microsoft 365 security fans.
Author: Daniel Chronlund
Introduction
This PowerShell module contains a collection of tools for Microsoft 365 security tasks, Microsoft Graph functions, Azure AD management, Conditional Access, zero trust strategies, attack and defense scenarios, etc.
Get Started
Install the module from the PowerShell Gallery by running:
Install-Module DCToolbox
If you already installed it, update to the latest version by running:
Update-Module DCToolbox
PowerShell Gallery package link: https://www.powershellgallery.com/packages/DCToolbox
When you have installed it, to get started, run:
Get-DCHelp
Explore and copy script examples to your clipboard with:
Copy-DCExample
Included Tools
Connect-DCMsGraphAsDelegated
Connect to Microsoft Graph with delegated credentials (interactive login will popup).
Connect-DCMsGraphAsApplication
Connect to Microsoft Graph with application credentials.
Invoke-DCMsGraphQuery
Run a Microsoft Graph query.
Enable-DCAzureADPIMRole
Activate an Azure AD Privileged Identity Management (PIM) role with PowerShell.
Get-DCPublicIp
Get current public IP address information. You can use the -UseTorHttpProxy to route traffic through a running Tor network HTTP proxy that was started by Start-DCTorHttpProxy.
Start-DCTorHttpProxy
Start a Tor network HTTP proxy that can be used for anonymization of HTTP traffic in PowerShell. Requires proxy support in the PowerShell CMDlet you want to anonymise. Many of the tools included in DCToolbox supports this.
Test-DCAzureAdUserExistence
Test if an account exists in Azure AD for specified email addresses.
Test-DCAzureAdCommonAdmins
Test if common and easily guessed admin usernames exist for specified Azure AD domains.
Export-DCConditionalAccessPolicyDesign
This CMDlet uses Microsoft Graph to export all Conditional Access policies in the tenant to a JSON file. This JSON file can be used for backup, documentation or to deploy the same policies again with Import-DCConditionalAccessPolicyDesign.
Import-DCConditionalAccessPolicyDesign
This CMDlet uses Microsoft Graph to automatically create Conditional Access policies from a JSON file. The JSON file can be created from existing policies with Export-DCConditionalAccessPolicyDesign or manually by following the syntax described in the Microsoft Graph documentation.
New-DCConditionalAccessPolicyDesignReport
Automatically generate an Excel report containing your current Conditional Access policy design.
New-DCConditionalAccessAssignmentReport
Automatically generate an Excel report containing your current Conditional Access assignments.
Please follow me on my blog https://danielchronlund.com, on LinkedIn and on Twitter!
@DanielChronlund