Helper‐Scripts
TL;DR
Automated Creation of Self-Signed Certificate for using Microsoft-Extractor-Suite via Graph API.
1.) Register an application with Microsoft Entra ID (e.g. Invictus_IR-App)
2.) Create self-signed certificate
.\Create-Certificate.ps1
Fig 1: Enter Case Number (or Company Name)
Fig 2: Generating Self-Signed Certificate for Microsoft Graph API
3.) Upload public certificate (e.g. Invictus_IR-App.cer)
4.) Add API permissions (e.g. IdentityRiskEvent.Read.All, AuditLogsQuery.Read.All, etc.)
5.) Request permissions → Grant admin consent for your application
6.) Specify App-only access for authentication and authorization when using Microsoft-Extractor-Suite functions.
Get-RiskyDetections -Application
Coming soon.