auditing-azure-active-directory-configuration

What problem does it solve?

Auditing Microsoft Entra ID (Azure Active Directory) configuration to identify risky authentication policies, overly permissive role assignments, stale accounts, conditional access gaps, and guest user risks using AzureAD PowerShell, Microsoft Graph API, and ScoutSuite.

Core Features & Use Cases

• Enumerates Global Administrators and identifies over-privileged or guest users with elevated access
• Reviews Conditional Access policies, MFA enforcement, and security defaults to minimize identity risk
• Detects stale accounts, orphaned service principals, and risky sign-in patterns for proactive remediation
• Generates a structured risk report to guide remediation and compliance efforts
• Supports multi-tool workflows via Graph API, AzureAD PowerShell, and ScoutSuite

Quick Start

Run the agent to generate an Azure AD security audit report for the current tenant.