New module from @RalphDesmangles:

Adds a new recon module, listorgs, enabling operators to enumerate Azure DevOps organizations using a valid access token. The module supports two modes:

• Default Mode: Lists only the organizations the provided access token has direct access to.
• AAD Mode (/mode:aad): Enumerates all organizations within the Azure AD tenant.
  • Operators can override the default AEX endpoint by specifying /endpoint:ENDPOINT_NAME.

This module enhances situational awareness when an operator obtains a valid token (e.g., from a beacon or phishing scenario) but lacks visibility into the organizations linked to it.

• Bug Fixes and Quality of Life Improvements

  • Updated authentication detection to differentiate between Azure access tokens and User Authentication cookie
  • Bug fix for authenticating with User Authentication cookie after Microsoft made updates to authentication
  • Added pipeline name to getpipelinevars and getpipelinesecrets modules

• New Modules from @h4wkst3r and @nheiniger

  • listteam
  • searchteam
  • getteammembers
  • getbuildlogs
  • listbuildlogs
  • searchbuildlogs
  • creds

New getvariablegroups module from @nheiniger

Bug fixes from @blacktraffic and @chryzsh .

• @chryzsh - Bug in whoami module
• @blacktraffic - Add more error checking, added use of continuation token for users and groups, added additional checks for user and group validation.

Initial Release