mlcsec
diff --git a/‎.github/usage.png
27.8 KB b/‎.github/usage.png
27.8 KB
diff --git a/‎graphpython/__main__.py
Lines changed: 4 additions & 4 deletions b/‎graphpython/__main__.py
Lines changed: 4 additions & 4 deletions
@@ -34,24 +34,24 @@ def parseArgs():
     parser.add_argument("--command", help="Command to execute")
     parser.add_argument("--list-commands", action="store_true", help="List available commands")
     parser.add_argument("--token", help="Microsoft Graph access token or refresh token for FOCI abuse")
-    parser.add_argument("--estsauthcookie", help="'ESTSAuth' or 'ESTSAuthPersistent' cookie value")
+    parser.add_argument("--estsauthcookie", help="'ESTSAuth' or 'ESTSAuthPersistent' cookie")
     parser.add_argument("--use-cae", action="store_true", help="Flag to use Continuous Access Evaluation (CAE) - add 'cp1' as client claim to get an access token valid for 24 hours")
     parser.add_argument("--cert", help="X509Certificate path (.pfx)")
     parser.add_argument("--domain", help="Target domain")
     parser.add_argument("--tenant", help="Target tenant ID")
-    parser.add_argument("--username", help="Username or file containing username (invoke-userenumerationasoutsider)")
+    parser.add_argument("--username", help="Username or file containing usernames (invoke-userenumerationasoutsider)")
     parser.add_argument("--secret", help="Enterprise application secretText (invoke-appsecrettoaccesstoken)")
     parser.add_argument("--id", help="ID of target object")
     parser.add_argument("--select", help="Fields to select from output")
-    parser.add_argument("--query", help="Raw API query (GET only)")
+    parser.add_argument("--query", help="Raw API query URL (GET only)")
     parser.add_argument("--search", help="Search string")
     parser.add_argument("--entity", choices=['driveItem', 'message', 'chatMessage', 'site', 'event'],help="Search entity type: driveItem(OneDrive), message(Mail), chatMessage(Teams), site(SharePoint), event(Calenders)")
     parser.add_argument("--device", choices=['Mac', 'Windows', 'AndroidMobile', 'iPhone'], help="Device type for User-Agent forging")
     parser.add_argument("--browser", choices=['Android', 'IE', 'Chrome', 'Firefox', 'Edge', 'Safari'], help="Browser type for User-Agent forging")
     parser.add_argument("--only-return-cookies", action="store_true", help="Only return cookies from the request (open-owamailboxinbrowser)")
     parser.add_argument("--mail-folder", choices=['Allitems', 'inbox', 'archive', 'drafts', 'sentitems', 'deleteditems', 'recoverableitemsdeletions'], help="Mail folder to dump (dump-owamailbox)")
     parser.add_argument("--top", type=int, help="Number (int) of messages to retrieve (dump-owamailbox)")
-    parser.add_argument("--script", help="File containing the script content (deploy-maliciousscript and backdoor-script)")
+    parser.add_argument("--script", help="File containing the script content (deploy-maliciousscript or backdoor-script)")
     parser.add_argument("--email", help="File containing OWA email message body content (spoof-owaemailmessage)")
 
     args = parser.parse_args()