raindance: Reconnaissance tool for Microsoft Office 365
A toolkit for enumerating and collecting information from Office 365.
Raindance uses built-in powershell modules, namely from the MSOnline & AzureAD powershell modules to log into Office 365 tenants with legitimate credentials and pulls out the list of users, their mailing groups and distros, roles/permissions, and identify administrators in the tenant. This tool is intended to be used as an attack tool to assist penetration testers in enumerating users and select targets for offensive engagements.
- Enumerates domain information within O365
- Get the full list of users, including disabled accounts
- Get a list of the mailing/distribution groups in the tenant
- Identify administrative users and highlight Global Administrators (Company Admins)
Installation & Running
- Windows Only (for now): Microsoft has promised to (eventually) add Linux support for the library dependencies.
- Powershell v5.0+: This is due to .NET dependencies
- Library – MSOnline: Download using powershell Install-Module msonline
- Library – AzureAD: Download using powershell Install-Module AzureAD
Copyright (c) 2018, True Demon