Gerenios / AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365
http://aadinternals.com/aadinternals
MIT License
1.3k stars 217 forks

Malware Detection? #98

Open kckenterprises opened 3 months ago

kckenterprises commented 3 months ago

[Attached screenshots: Screenshot 2024-08-06 124659, Screenshot 2024-08-06 124746]

Getting multiple detections when installing this PS module.

Is this to be expected?

weyCC81 commented 3 months ago

Microsoft Defender is also flagging the following files during the installation for me:

Install-Module AADInternals
# PackageManagement\Install-Package : Package 'AADInternals' failed to be installed because: Operation did not complete successfully because the file contains a virus or potentially unwanted software.

Would it be possible to move them into a separate module?

Install-Module AADInternals.Beta
Install-Module AADInternals.Experimental

Mike-Crowley commented 1 month ago

The version info table (https://aadinternals.com/aadinternals) mentions:

Removed PTASpy to prevent antivirus blocking AADInternals installation on non-PTA computers.

So, I suspect other alerts are just more of the same - this entire package can be used maliciously, but it would be helpful to get an official confirmation from @NestoriSyynimaa

Related:

NestoriSyynimaa commented 1 month ago

https://x.com/DrAzureAD/status/1838527114632401382

Mike-Crowley commented 1 month ago

Thanks! I suspected as much, but thank you for confirming they are legitimate and not dangerous to users of the PowerShell module.