FREE TOOL

Microsoft 365 App Permission Scanner

Check your environment for gateways Midnight Blizzard criminals target.

Find dangerous tenant misconfigurations and excessive app privileges that cyber criminals exploit

On January 12th, Microsoft detected a Midnight Blizzard attack on its internal systems exploiting legacy accounts and misconfigurations. Now is the time to take proactive action, guarding against the possibility of supply chain attacks targeting your tenant.

Protect yourself with CoreViews App Permissions Scanner

With our free PowerShell script, identify misconfigurations and elevated app permissions that malicious actors can use to hack your Microsoft tenant.

This script, created by 9-time MVP Vasil Michev and CTO Ivan Fioravanti, generates various reports available in HTML, CSV and Excel:

Checkmark
A full list of apps with access to your tenant.
Checkmark
Two filtered files with privileges targeted by the Midnight Blizzard group to attack Microsoft 365 tenants on Entra or Exchange.

Step-by-step instructions

Notes:
Download script now

1. Download the free script

The script delivery is not packaged so that you can review the script before implementing.

2. Run the scripts

In a PowerShell session, run each script of the following scripts:

  • EnterpriseAppsPermissions.ps1
  • ExchangeManagementRoles.ps1

3. Download your reports

Each script outputs various files in HTML, CSV and Excel: a full list of apps with access to your tenant and two filtered files with privileges targeted by the Midnight Blizzard group to attack Microsoft 365 tenants on Entra or Exchange side.

4. Assess potential vulnerabilities

If you need help understanding the report, contact our experts.