CVE-2025-32711

This repository contains PowerShell-based detection and remediation tools for CVE-2025-32711 (EchoLeak), a zero-click vulnerability in Microsoft 365 Copilot. The scripts analyze email patterns, audit logs, and security configurations to identify potential exploitation and apply mitigations.

This repository contains a functional black-box testing tool for CVE-2025-32711, which exploits indirect prompt injection leading to markdown/HTML exfiltration in LLM-backed chatbots. It launches a headless browser, spins up a local HTTP sink, and delivers payloads to test if the chatbot frontend fetches attacker-controlled URLs, confirming the vulnerability.

This repository contains PowerShell scripts for detecting and remediating CVE-2025-32711 (EchoLeak), a zero-click vulnerability in Microsoft 365 Copilot. The scripts focus on identifying suspicious email patterns and security misconfigurations rather than exploiting the vulnerability.