{"id":13623406,"url":"https://github.com/vectra-ai-research/MAAD-AF","last_synced_at":"2025-04-15T14:33:00.004Z","repository":{"id":65950973,"uuid":"599375851","full_name":"vectra-ai-research/MAAD-AF","owner":"vectra-ai-research","description":"MAAD Attack Framework - An attack tool for simple, fast \u0026 effective security testing of M365 \u0026 Entra ID (Azure AD).","archived":false,"fork":false,"pushed_at":"2024-09-09T20:25:46.000Z","size":528,"stargazers_count":347,"open_issues_count":2,"forks_count":52,"subscribers_count":13,"default_branch":"main","last_synced_at":"2024-09-10T01:15:05.751Z","etag":null,"topics":["adversary-emulation","azuread","cloud-administration","cloud-security","entra-id","identity-access-management","microsoft","microsoft-azure-security","microsoft-graph","microsoft365","mitre","powershell","red-team","security","security-testing","ttp"],"latest_commit_sha":null,"homepage":"https://maad-af.com","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vectra-ai-research.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-09T02:08:07.000Z","updated_at":"2024-09-09T20:25:49.000Z","dependencies_parsed_at":"2023-11-20T09:28:44.063Z","dependency_job_id":"27926c70-d3ce-4eb4-b036-d0d609cf2d32","html_url":"https://github.com/vectra-ai-research/MAAD-AF","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vectra-ai-research%2FMAAD-AF","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vectra-ai-research%2FMAAD-AF/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vectra-ai-research%2FMAAD-AF/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vectra-ai-research%2FMAAD-AF/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vectra-ai-research","download_url":"https://codeload.github.com/vectra-ai-research/MAAD-AF/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223677603,"owners_count":17184509,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["adversary-emulation","azuread","cloud-administration","cloud-security","entra-id","identity-access-management","microsoft","microsoft-azure-security","microsoft-graph","microsoft365","mitre","powershell","red-team","security","security-testing","ttp"],"created_at":"2024-08-01T21:01:31.413Z","updated_at":"2024-11-08T11:30:47.919Z","avatar_url":"https://github.com/vectra-ai-research.png","language":"PowerShell","funding_links":[],"categories":["PowerShell"],"sub_categories":[],"readme":"# MAAD Attack Framework\n![MAAD_Logo](images/MAAD_AF.png)                                                                     \n        \nMAAD-AF is an open-source cloud attack tool for Microsoft 365 \u0026 Entra ID(Azure AD) environments.\n\nMAAD-AF offers simple, fast and effective security testing. Validate Microsoft cloud controls and test detection \u0026 response capabilities with a virutally zero-setup process, complete with a fully interactive workflow for executing emulated attacks. \n\nMAAD-AF is developed natively in PowerShell.\n\n## Usage\n1. Clone or download MAAD-AF from GitHub\n2. Start PowerShell as Admin and navigate to MAAD-AF directory\n```\n\u003e git clone https://github.com/vectra-ai-research/MAAD-AF.git\n\u003e cd /MAAD-AF\n```\n3. Launch MAAD-AF\n```\n\u003e MAAD_Attack.ps1 \n# Launch and bypass dependency checks\n\u003e MAAD_Attack.ps1 -ForceBypassDependencyCheck\n```\n\n## Requirements\n 1. Windows host\n 2. PowerShell 5.1\n\n## Features\n- Attack emulation tool\n- Fully interactive (no-commands) workflow\n- Zero-setup deployment\n- Ability to revert actions for post-testing cleanup\n- Leverage MITRE ATT\u0026CK\n- Emulate post-compromise attack techniques\n- Attack techniques for Entra ID (Azure AD)\n- Attack techniques for Exchange Online\n- Attack techniques for Teams\n- Attack techniques for SharePoint\n- Attack techniques for eDiscovery\n\n## MAAD-AF Techniques\n- Recon data from various Microsoft services\n- Backdoor Account Setup\n- Trusted Network Modification\n- Mailbox Audit Bypass\n- Disable Anti-Phishing in Exchange\n- Mailbox Deletion Rule Setup\n- Exfiltration through Mail Forwarding\n- Gain User Mailbox Access\n- Setup External Teams Access\n- Exploit Cross Tenant Synchronization \n- eDiscovery exploitation for data recon \u0026 exfil\n- Bruteforce credentials\n- MFA Manipulation\n- User Account Deletion\n- SharePoint exploitation for data recon \u0026 exfil\n- [More...](https://openrec0n.github.io/maad-af-docs/)\n\n## Contribute\n - Thanks for considering contributing to MAAD-AF! Your contributions will help make MAAD-AF better.\n - Submit your PR to the main branch.\n - Submit bugs \u0026 issues directly to [GitHub Issues](https://github.com/vectra-ai-research/MAAD-AF/issues)\n - Share ideas in [GitHub Discussions](https://github.com/vectra-ai-research/MAAD-AF/discussions)\n\n## Contact\nIf you found MAAD-AF useful, want to share an interesting use-case or idea - reach out \u0026 share them\n - Maintainer : [Arpan Sarkar](https://www.linkedin.com/in/arpan-sarkar/)\n - Email : [MAAD-AF@vectra.ai](mailto:maad-af@vectra.ai)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvectra-ai-research%2FMAAD-AF","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvectra-ai-research%2FMAAD-AF","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvectra-ai-research%2FMAAD-AF/lists"}