First release - V1.2.3
To enhance our process and maintain a more professional approach, we've decided to leverage the GitHub Releases feature. Although we're currently already at version 1.2.3. Going forward, we'll utilize GitHub Releases for every subsequent version release.
Microsoft-Extractor-Suite is a fully-featured, actively-maintained, Powershell tool designed to streamline the process of collecting all necessary data and information from various sources within Microsoft.
The following Microsoft data sources are supported:
- Unified Audit Log
- Admin Audit Log
- Mailbox Audit Log
- Mailbox Rules
- Transport Rules
- Message Trace Logs
- Azure AD Sign-In Logs
- Azure AD Audit Logs
In addition to the log sources above the tool is also able to retrieve other relevant information:
- Registered OAuth applications in Azure AD
- The MFA status for all users
- The creation time and date of the last password change for all users
- The risky users
- The risky detections
- The conditional access policies
- Administrator directory roles and their users
- A specific e-mail or attachment