# MAAD-Attack Framework
![MAAD_Logo](images/MAAD_AF.png)

## Introduction: MAAD-AF

**MAAD-AF** is an open-source cloud attack tool for security testing of Microsoft 365 & Entra ID(Azure AD) environments.

MAAD-AF is designed to make cloud security testing simple, fast, and effective.

MAAD-AF provides security practitioners easy to use fully interactive modules for the purpose of executing common attack techniques used by attackers against a Microsoft 365 or Entra ID (Azure AD) environment. 

Some of the techniques are : 
- External organizational reconnaissance 
- Gaining initial access 
- Establishing persistence (getting sticky) 
- Evading typical defenses 
- Collecting data and exfiltrating it 
- …and more! 
 
Ultimately, MAAD-AF allows the user to quickly execute common actions executed by an attacker to test existing controls, evaluate security posture, and inspect detections provided by existing threat detection platforms. 

## When should I use MAAD-AF? 
MAAD-AF is primarily a security testing tool and should be useful in a variety of scenarios. The intent for MAAD-AF is to provide a vendor-neutral framework for testing M365 and Azure AD security. You should use MAAD-AF:  
1. With prospects during POVs to demonstrate Vectra’s TDR capabilities 
2. With customers to test their environment 
3. With prospects/customers in our cyber range for education on attacker TTPs and Vectra’s detection capabilities