
@north7/entraaware
A simple, lightweight Model Context Protocol (MCP) server for querying Microsoft Entra (Azure AD) data.
EntraAware is an MCP server that allows AI assistants to directly access your Microsoft Entra (Azure AD) tenant data through the Microsoft Graph API. With EntraAware, you can ask natural language questions about your Entra environment.
# Install globally
npm install -g @uniquk/entraaware
# Or use with npx (no installation needed)
npx @uniquk/entraaware
Create a .mcp.json file in your VS Code workspace:
{
  "servers": {
    "EntraAware": {
      "type": "stdio",
      "command": "npx",
      "args": [
        "-y",
        "@north7/entraaware@latest"
      ],
      "env": {
        "TENANT_ID": "your-tenant-id",
        "CLIENT_ID": "your-client-id",
        "CLIENT_SECRET": "your-client-secret"
      }
    }
  }
}
Replace the environment variables with your own:
- TENANT_ID - Your Microsoft Entra tenant ID
- CLIENT_ID - Your Microsoft Entra client ID/application ID
- CLIENT_SECRET - Your Microsoft Entra client secret

Once configured, you can use EntraAware through VS Code by typing:
ask EntraAware>
The EntraAware MCP tool provides a single function that automatically detects the right Graph API endpoint based on keywords in your question:
{
  "question": "Show me all conditional access policies"
}
// Get organization details
Show me details about my organization
// Get conditional access policies
List all conditional access policies
// Get information about a specific user
Find user john.doe@example.com
// Get all groups
Show me all groups
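A sketch of how keyword-based routing of this kind can be confined to a fixed allow-list of read-only Graph endpoints, so that question text never becomes a request path on its own. This is an added example, not EntraAware's own code; the route table, `routeQuestion` and the UPN pattern are assumptions made for illustration.

```javascript
// Added illustration: keyword-to-endpoint routing over a fixed allow-list.
// The route table and routeQuestion() are hypothetical, not EntraAware's code.
const GRAPH_BASE = "https://graph.microsoft.com/v1.0";

// Conservative UPN/e-mail shape; anything else is never placed in a path.
const UPN_RE = /[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+/;

// Order matters: more specific phrases are tested before generic ones.
const ROUTES = [
  { match: /conditional\s+access/i, path: () => "/identity/conditionalAccess/policies" },
  { match: /\borgani[sz]ation\b/i, path: () => "/organization" },
  { match: /\busers?\b/i, path: (q) => {
      const upn = q.match(UPN_RE);
      // Encode the identifier so it stays a single path segment.
      return upn ? `/users/${encodeURIComponent(upn[0])}` : "/users";
    } },
  { match: /\bgroups?\b/i, path: () => "/groups" },
];

// Returns a read-only request description, or null when nothing matches.
// Only allow-listed path templates are emitted, and the method is always GET.
function routeQuestion(question) {
  if (typeof question !== "string" || question.length > 500) return null;
  for (const route of ROUTES) {
    if (route.match.test(question)) {
      return { method: "GET", url: GRAPH_BASE + route.path(question) };
    }
  }
  return null;
}

// The four sample questions from this page, plus a constructed one that
// matches no route and is therefore refused rather than guessed at.
const samples = [
  "Show me details about my organization",
  "List all conditional access policies",
  "Find user john.doe@example.com",
  "Show me all groups",
  "Show me all app registrations",
];
for (const q of samples) console.log(q, "->", routeQuestion(q));
```
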
FAQs
MCP server for querying Microsoft Entra (Azure AD) and Azure Resource Management APIs
The npm package @north7/entraaware receives a total of 5 weekly downloads. As such, @north7/entraaware popularity was classified as not popular.
We found that @north7/entraaware demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.