Sparrow
Detection
PowerShell-based tool for detecting possible compromised accounts and applications in Azure/M365 environments.
Features:
- •Analyzes Azure AD audit logs
- •Detects suspicious application consent grants
- •Identifies potentially compromised accounts
Usage:
Set-ExecutionPolicy RemoteSigned
.\Sparrow.ps1Video:
Important Note
Always ensure you have proper authorization before using this tool in any environment. Follow responsible disclosure practices and adhere to the scope of your penetration testing engagement.