The Zenity Security Assessment Hub

Visualize and Understand your risks from AI Agents, Copilots, and Low-Code Development


Zenity offers a variety of security assessment tools for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform. With them, security leaders and practitioners can take a Red Team approach and immediately identify and reduce risks stemming from powerful business-enablement platforms.

Copilot Hunter

Copilot Hunter has two modules:

  • Deep Scan, which finds open Copilot Studio bots based on domains or tenant IDs
  • Enum, which compiles lists of environment and tenant IDs from Power Platform API subdomains

PowerDump

  • Generate access tokens to fetch available resources in Microsoft PowerApps
  • Perform advanced actions on the discovered resources
  • Dump all available information in Power Platform into a local directory
  • Basic GUI for presenting the collected resources and data

Copilot Connector & Chat Automator

  • Interact with Copilot for Microsoft 365 through WebSocket messages and undocumented APIs to implement any process that requires interaction with Copilot
  • Facilitate automated processes with Copilot, handling all interactions (prompts and responses) and ease implementation, so security teams can focus on the actual business logic of the process

Copilot Interactive Chat

  • Enable chat with Copilot M365 through the powerpwn terminal

Copilot M365 Dump

  • Explore Microsoft Copilot 365 to extract emails and their contents, enumerate and extract Sharepoint site content, and harvest credentials and passwords

Copilot M365 Whoami

  • Extract information about the current user of Microsoft 365 Copilot, including:
      • Personal data like their name, title, email, and manager
      • What SharePoint sites, documents, and sensitive data they have access to
      • Other details like their weekly schedule, emails, collaborators, and contact information
      • And more!

Install a Backdoor

  • Maintain persistence on Power Platform by installing an automation factory that creates, executes, and deletes arbitrary commands

Internal Phishing

  • Set up internal phishing applications on Microsoft-owned domains, which automatically authenticate users as they click and follow the link

No-Code Malware

  • Repurpose trusted executables, service accounts, and cloud services in the Microsoft Power Platform ecosystem to power a malware operation

Spearphishing

  • Explore the latest interactions of compromised accounts or users with their victims
  • Craft highly personalized emails to send to targets

If you’d like to learn more about any of these modules, or want some help in running the scans yourself, get in touch with us and we’ll be happy to walk you through it, analyze the results, and more!

Want to get in touch?

We’d love to chat with you about how your team can unleash copilots and low-code development.