Loading...
pip install -rfind_privileged_users()Identifies users with high-privilege roles in the Azure AD tenant.
Read-only operation that identifies privileged users.
analyze_mfa_status()Analyzes the multi-factor authentication deployment across users.
Read-only operation that assesses MFA deployment.
find_applications_with_secrets()Finds applications with secrets or certificates stored in Azure AD.
Read-only operation that identifies applications with secrets.
analyze_groups()Analyzes group types and membership within the Azure AD tenant.
Read-only operation that analyzes group configurations.
identify_stale_accounts()Finds user accounts that haven't logged in or changed passwords recently.
Read-only operation to identify inactive accounts.
analyze_pim_implementation()Assesses the implementation of Privileged Identity Management (PIM) in the tenant.
Read-only operation to evaluate PIM usage.
analyze_service_principal_credentials()Finds over-permissioned service principals with long-lived credentials.
Read-only operation to identify risky service principals.
analyze_legacy_authentication()Identifies risks associated with legacy authentication protocols.
Read-only operation to assess legacy authentication risks.
analyze_conditional_access_policies(file_path: str = "")Analyzes conditional access policies from an HTML file.
Requires file upload, potential for information disclosure if the file contains sensitive data.
This server is relatively safe for read-only operations and guided analysis. However, tools that modify configurations or permissions should be used with caution. The overall security depends on the ROADRecon instance's security and access controls.