What it does

Power Pwn is a security toolset for probing Microsoft 365 Power Platform and its AI services. It scans tenants, hunts exposed Copilot Studio bots and custom GPTs, tests M365 Copilot for unauthorized data retrieval, and can even deploy backdoor flows or no-code malware artifacts for persistent access.

The interesting bit

The project treats low-code/no-code platforms as first-class attack surfaces — not just the LLMs on top, but the automation glue underneath. The “LLM Hound” module scours Shodan for exposed MCPs and AI middleware, which is a nice touch for internet-scale recon.

Key highlights

• PowerDump: Tenant-wide scanning and data collection
• Copilot Studio Hunter: Deep-scan, enumerate, and recon misconfigured bots open to unauthenticated users
• Copilot M365: Test for unauthorized data exfiltration via whoami and dump modules
• NoCodeMalware / BackDoor: Deploy malicious Power Platform artifacts without writing traditional code
• PowerPhishing: Abuse the platform itself for credential harvesting campaigns
• Presented at Black Hat USA 2023/2024, DEF CON 30, and SecTor 23

Caveats

• Several modules need extra tooling (ffuf, subfinder, Node.js, Puppeteer); Windows users face manual steps for some dependencies
• Python 3.11 specifically recommended for GUI modules to avoid compatibility issues

Verdict

Microsoft security teams and red-teamers working in M365 environments should bookmark this. If your stack is Google Workspace or pure AWS, move along — nothing to pwn here.