Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.
Better catches for when password for the account needs to be updated, when a conditional access policy blocks user account access, or when the user account is flagged for risky actions.
Added catch for empty .conf fields, will allow more graceful exiting.
Changed
Updated and pinned aiohttp, colored, cryptography, and selenium dependencies and updated Python version to 3.10.11.
Pinned 3.1.0 version of ExchangeOnlineManagement PowerShell module.
Improved logic for grabbing validationkey from requests.
Fixed
Fixed MFA logic for messagetrace.py.
Fixed data dumper logic, they will only run if something in their section is set to True.
🗣 Description
[1.2.2] - The goose is loose - 2023-07-17
Added
.conf
fields, will allow more graceful exiting.Changed
aiohttp
,colored
,cryptography
, andselenium
dependencies and updated Python version to 3.10.11.validationkey
from requests.Fixed
True
.