• Goa 2020
  • AMMO
  • Chirag Savla

Chirag Savla


Tool Name:



Chirag Savla

Download Link:



The aim of this tool is to highlight how various O365 cloud services can be leverage as command & control communication channel. It can help to evade / avoid network level detection when the organizations are using O365 cloud services. It might also help to change the perspective of defenders when they find some unknown applications communicating with legitimate services.

This tools is developed in C# which leverages Microsoft Graph API's for communicating with O365 cloud services.

Currently the tool supports 3 O365 cloud services:

  • Outlook
  • OneNote
  • Microsoft Teams


Chirag Savla is a Cyber Security professional. His areas of interest include penetration testing, red teaming, defence strategies and post exploitation research. He has over 5 years of experience in Security Testing. He is an active member of a Red team and supports the Blue team in building detection strategies in his organization.

In his spare time, Chirag researches on new attack methodologies. He has presented at null(Open Security Community) and FIRST.org He blogs at https://3xpl01tc0d3r.blogspot.com/

Twitter : @chiragsavla94

Copyright © 2023 | Nullcon India | International Security Conference | All Rights Reserved