a dumping ground for stuff I (possibly) find interesting...
@rootsecdev: The powershell code below is something everyone with an Azure AD Tenant should be running in their environment to spot check Granted OATH permissions. Attackers are utilizing malicious OATH grants for persistence