Skip to content

Release Notes

Jump to bottom
RedByte edited this page Jul 28, 2024 · 8 revisions

Version 1.3.0 (28 July 2024)

  • MFA Methods module:
    • List available and registered authentication options
    • Delete registered MFA methods
    • Create new MFA methods:
      • Microsoft Authenticator App
      • Custom OTP App
      • Use GraphSpy as OTP App
      • Security Keys (WebAuthn / FIDO2)
      • Mobile/Office/Alternative Phones (SMS or call)
      • Alternative email address
  • Request device codes with ngcmfa claim

Version 1.2.3 (08 July 2024)

  • Added support for the Azure AD v2.0 token endpoint, allowing to obtain access tokens based on scope instead of resource.
    • Note: the v1 token endpoint based on resource is still available (and used by default), although some specific use cases will benefit from having the option to obtain access tokens through the v2.0 endpoint (For example; obtaining access tokens for the MicrosoftAppAccessPanel resource to be able to add any type of MFA method to backdoor the account. Stay tuned!)
  • Small fix for an issue that prevented all conversations to load in the MS Teams module when the resolve conversation names feature was used, but the conversation was not a proper MS Teams Chat or Channel.

Version 1.2.2 (15 June 2024)

  • Added file upload capabilities to OneDrive & SharePoint (@pwnf - #2)
  • Delete files and folders on OneDrive & SharePoint

Version 1.2.1 (2 June 2024)

  • Improved MS Teams Module
    • List all internal users in the organization
    • Search for external users
    • Create new conversations (direct messages or group chats) with internal and external users
    • Insert fake/forged message quotes in chat messages
  • Custom requests now also show the HTTP Response headers
  • Improved all table layouts by using the correct DataTables dependencies for Bootstrap 5

Version 1.2.0 (6 May 2024)

  • Microsoft Teams Module
    • View conversations and chat messages
    • Send chat messages in existing conversations using the rich text editor
    • List members in a channel or teams space
    • Display images and download anonymous files

Version 1.1.4 (10 April 2024)

  • Added some color (@HuskyHacks - #1)
    • Device Code Table colors based on status
    • Access Token Table colors based on expiry
    • Added support for colored toast messages/notification

Version 1.1.3 (7 April 2024)

  • Custom User Agent
    • A custom user agent can now be defined on the Settings page
    • This user agent will be used in every request initiated by the GraphSpy server
    • By default, one of the latest user agents (at the time of this update) from Google Chrome on Windows will be used.
  • Access & Refresh Token modals
    • It is now even easier to switch between different access and refresh tokens from any page.
    • A "Select" button is present in every Access/Refresh Token ID field which will open an overview where every token is displayed and can be selected.

Version 1.1.0 - 1.1.2 (17 March 2024)

  • Custom API Requests
    • Perform custom API requests to any API endpoint using access tokens from the GraphSpy database for authentication
  • Custom API Request Variables
    • Create custom variables that will be replaced in the URI, Headers, and Body of custom API requests.
  • Custom API Request Templates
    • Store API Request Templates into the database for easy reuse

Navigation

Clone this wiki locally