Loading...
ROADrecon MCP Server provides AI assistants access to Azure AD data, enabling security analysis and posture assessment via resources, tools, and pre-built prompts.
Boost this tool
Subscribe to listing upgrades or segmented pushes.
ROADrecon MCP Server provides AI assistants access to Azure AD data, enabling security analysis and posture assessment via resources, tools, and pre-built prompts.
This server is relatively safe for read-only operations and guided analysis. However, tools that modify configurations or permissions should be used with caution. The overall security depends on the ROADRecon instance's security and access controls.
Performance depends on the ROADRecon instance's performance and network latency. Large datasets may take longer to process.
Cost considerations depend on the ROADRecon instance's infrastructure and any associated Azure AD costs.
pip install -rROADRECON_URLfind_privileged_users()Identifies users with high-privilege roles in the Azure AD tenant.
Read-only operation that identifies privileged users.
analyze_mfa_status()Analyzes the multi-factor authentication deployment across users.
Read-only operation that assesses MFA deployment.
find_applications_with_secrets()Finds applications with secrets or certificates stored in Azure AD.
Read-only operation that identifies applications with secrets.
analyze_groups()Analyzes group types and membership within the Azure AD tenant.
Read-only operation that analyzes group configurations.
identify_stale_accounts()Finds user accounts that haven't logged in or changed passwords recently.
Read-only operation to identify inactive accounts.
analyze_pim_implementation()Assesses the implementation of Privileged Identity Management (PIM) in the tenant.
Read-only operation to evaluate PIM usage.
analyze_service_principal_credentials()Finds over-permissioned service principals with long-lived credentials.
Read-only operation to identify risky service principals.
analyze_legacy_authentication()Identifies risks associated with legacy authentication protocols.
Read-only operation to assess legacy authentication risks.
analyze_conditional_access_policies(file_path: str = "")Analyzes conditional access policies from an HTML file.
Requires file upload, potential for information disclosure if the file contains sensitive data.
None
cloud
This server is relatively safe for read-only operations and guided analysis. However, tools that modify configurations or permissions should be used with caution. The overall security depends on the ROADRecon instance's security and access controls.
Autonomy is limited by the read-only default mode. Tools with write capabilities should be carefully evaluated before enabling autonomy.
Production Tip
Monitor the ROADRecon instance for performance and errors to ensure reliable data access.
ROADrecon is a tool for gathering information about Azure Active Directory environments.
Clone the repository, install dependencies using pip, and run the server.
You can access data about users, groups, applications, service principals, devices, and more.
Yes, potential risks include exposure of sensitive data and unintended modifications to Azure AD configurations.
Some tools allow for modifications, but caution is advised.
Set the ROADRECON_URL environment variable to the URL of your ROADrecon GUI.
This tool analyzes conditional access policies from an HTML file. Ensure the file is from a trusted source and does not contain sensitive information before uploading.