Novice to O365-Investigating tooling and Secure Score

[NiekMeerkotter]

I am new to GitHub. In Secure Score there are Actions that take me to GitHub. I have no idea what to do with for instance O365-InvestigationTooling/DumpDelegatesandForwardingRules.ps1. Please help. I do have PowerShell and PowerShell ISE on my PC. Thank you. Be Blessed

[mcvic1rj]

Hi @NiekMeerkotter NiekMeerkotter, I suggest you check out the Getting started with O365 PowerShell
resource from Microsoft.

The repo here is a collection of scripts to do various things in your office 365 tenant.

[NiekMeerkotter]

Hi @RyanMcVicar. Thank you for this. I am busy with the course, but I have to set the Secure Score for our company. Be blessed Niek Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10

…

________________________________ From: Ryan McVicar <[email protected]> Sent: Friday, August 17, 2018 3:00:39 PM To: OfficeDev/O365-InvestigationTooling Cc: Niek Meerkotter; Mention Subject: Re: [OfficeDev/O365-InvestigationTooling] Novice to O365-Investigating tooling and Secure Score (#38) Hi @NiekMeerkotter<https://github.com/NiekMeerkotter> NiekMeerkotter, I suggest you check out the Getting started with O365 PowerShell <https://docs.microsoft.com/en-us/office365/enterprise/powershell/getting-started-with-office-365-powershell>resource from Microsoft. The repo here is a collection of scripts to do various things in your office 365 tenant. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#38 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AkelvOws3W9hGOqbEjNyfz7b38OvGnwwks5uRr53gaJpZM4WAGPi>.

[PsychoData]

@NiekMeerkotter This is not a support forum for learning PowerShell. Microsoft Virtual Academy has a great course on it though.

Check out the video below for more information on what Secure Score is

DumpDelegatesandForwardingRules.ps1 is a script to

• Connect to the Microsoft Online Module (MSOnline, which is one of the modules that work with Office 365)
• Connect to Exchange Online PowerShell
• For each Enabled MSOnline User, it attempts to find the matching mailbox
• On each Mailbox it looks for several ways that an attacker who had compromised an account could keep getting Company information/emails after you reset the password to an account
  • Inbox Rules Details here
  • Mailbox Delegates (other users who have permission to a mailbox, to read the emails and items in it
  • SMTP Forwarding (See -Forwarding* Parameters in Set-MailBox

[NiekMeerkotter]

Thank you very much for this info. I really appreciate this Be blessed Niek Get Outlook for Android<https://aka.ms/ghei36>

…

________________________________ From: Kevin Crouch <[email protected]> Sent: Sunday, December 16, 2018 9:55:14 PM To: OfficeDev/O365-InvestigationTooling Cc: Niek Meerkotter; Mention Subject: Re: [OfficeDev/O365-InvestigationTooling] Novice to O365-Investigating tooling and Secure Score (#38) @NiekMeerkotter<https://github.com/NiekMeerkotter> This is not a support forum for learning PowerShell. Microsoft Virtual Academy has a great course<https://mva.microsoft.com/en-US/training-courses/getting-started-with-microsoft-powershell-8276> on it though. Check out the video below for more information on what Secure Score is [Introducing Microsoft Secure Score for Office 365 and Windows 10] <http://www.youtube.com/watch?feature=player_embedded&v=jzfpDJ9Kg-A> DumpDelegatesandForwardingRules.ps1<https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/DumpDelegatesandForwardingRules.ps1> is a script to * Connect to the Microsoft Online Module (MSOnline, which is one of the modules that work with Office 365) * Connect to Exchange Online PowerShell * For each Enabled MSOnline User, it attempts to find the matching mailbox * On each Mailbox it looks for several ways that an attacker who had compromised an account could keep getting Company information/emails after you reset the password to an account * Inbox Rules<https://github.com/OfficeDev/O365-InvestigationTooling/blob/47eab28f2cad1ec0e18778bf52268b34831aea99/DumpDelegatesandForwardingRules.ps1#L22> Details here<https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/get-inboxrule?view=exchange-ps> * Mailbox Delegates<https://github.com/OfficeDev/O365-InvestigationTooling/blob/47eab28f2cad1ec0e18778bf52268b34831aea99/DumpDelegatesandForwardingRules.ps1#L23> (other users who have permission<https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/get-mailboxpermission?view=exchange-ps> to a mailbox, to read the emails and items in it * SMTP Forwarding<https://github.com/OfficeDev/O365-InvestigationTooling/blob/47eab28f2cad1ec0e18778bf52268b34831aea99/DumpDelegatesandForwardingRules.ps1#L26> (See -Forwarding* Parameters in Set-MailBox<https://docs.microsoft.com/en-us/powershell/module/exchange/mailboxes/set-mailbox?view=exchange-ps> — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#38 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/AkelvF02rObF9Gg1YMk0_nlXIn2X9q2Eks5u5qUigaJpZM4WAGPi>.