Giter Club home page Giter Club logo

knockknock's Introduction

KnockKnock - v0.9.5 - @waffl3ss

Please make sure to actually utilize the README.

Designed to validate potential usernames by querying OneDrive and/or Microsoft Teams, which are passive methods.
Additionally, it can output/create a list of legacy Skype users identified through Microsoft Teams enumeration.
Finally, it also creates a nice clean list for future usage, all conducted from a single tool.

Usage

$ python3 .\KnockKnock.py -h

  _  __                 _    _  __                 _
 | |/ /_ __   ___   ___| | _| |/ /_ __   ___   ___| | __
 | ' /| '_ \ / _ \ / __| |/ / ' /| '_ \ / _ \ / __| |/ /
 | . \| | | | (_) | (__|   <| . \| | | | (_) | (__|   <
 |_|\_\_| |_|\___/ \___|_|\_\_|\_\_| |_|\___/ \___|_|\_\
   v0.9.5                                   @waffl3ss


usage: KnockKnock.py [-h] [-teams] [-onedrive] [-l] -i INPUTLIST [-o OUTPUTFILE] -d TARGETDOMAIN [-t TEAMSTOKEN] [-threads MAXTHREADS] [-v]

options:
  -h, --help           show this help message and exit
  -teams               Run the Teams User Enumeration Module
  -onedrive            Run the One Drive Enumeration Module
  -l                   Write legacy skype users to a seperate file
  -i INPUTLIST         Input file with newline-seperated users to check
  -o OUTPUTFILE        Write output to file
  -d TARGETDOMAIN      Domain to target
  -t TEAMSTOKEN        Teams Token (file containing token or a string)
  -threads MAXTHREADS  Number of threads to use in the Teams User Enumeration (default = 10)
  -v                   Show verbose errors

Examples

./KnockKnock.py -teams -i UsersList.txt -d Example.com -o OutFile.txt -t BearerToken.txt
./KnockKnock.py -onedrive -i UsersList.txt -d Example.com -o OutFile.txt
./KnockKnock.py -onedrive -teams -i UsersList.txt -d Example.com -t BearerToken.txt -l

Options

  • You can select one or both modes, as long as the appropriate options are provided for the modules selected.
  • Both modules will require the domain flag (-d) and the user input list (-i).
  • The tool does not require an output file as an option, and if not supplied, it will print to screen only.
  • The verbose mode will show A LOT of extra information, including users that are not valid.
  • The Teams option requires a bearer token. The script automatically removes the beginning and end portions to use only whats required.

How to get your Bearer token

To get your bearer token, you will need a Cookie Manager plugin on your browser and login to your own Microsoft Teams through the browser.
Next, view the cookies related to the current webpage (teams.microsoft.com).
The cookie you are looking for is for the domain .teams.microsoft.com and is titled "authtoken".
You can copy the whole token as the script will split out the required part for you.

References

@nyxgeek - onedrive_user_enum
@immunIT - TeamsUserEnum

knockknock's People

Contributors

waffl3ss avatar

Stargazers

Bennett Warner avatar avatar SBD avatar avatar ┌( ಠ_ಠ)┘ avatar avatar João Victor avatar John Doe avatar acceler avatar agtian avatar avatar avatar avatar avatar avatar sodinokibi avatar Nicholas007 avatar avatar iojymbo avatar Yuuki Ebihara avatar Smith Noorah avatar Solomon Sklash avatar barry avatar Matthew Linney avatar th3k3ymak3r avatar Matthew McAteer avatar DClaeyman avatar Tripp avatar Nicolas Vincent avatar avatar RedHeadSec avatar Erik avatar avatar avatar BEWNIAC avatar Onur Keskin, Ph.D. avatar Xenov avatar CEvans avatar avatar Bastien Perez avatar avatar avatar avatar avatar Cybrly avatar avatar avatar honkbalpoort avatar avatar Curtis Ringwald avatar avatar dimey avatar avatar avatar avatar avatar avatar

Watchers

Ryan Dorey avatar avatar John C. Petrucci avatar Tylous avatar Mark Heneghan avatar s3ct3st avatar avatar avatar avatar opCode avatar

Forkers

sergio-gonzales ralphdesmangles bd0n4lds orinocoz noorahsmith zha0

knockknock's Issues

Legacy Skype Detection is wrong

The Legacy Skype detection currently is identifying false positives in addition to the actual results, adding users to the legacy list that are not legacy users. A potential fix has been identified and will be published in v0.9.1 when its been implemented.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.