Augment RiskyPermissions.json to cover additional service principal API permissions

[tkol2022]

💡 Summary

Go through the permissions listed in the Graph reference and determine if we need to augment \PowerShell\ScubaGear\Modules\Permissions\RiskyPermissions.json with any additional permissions to cover more risks. We can also see if there are any other permissions for EXO, Teams, Sharepoint that could be covered.

Motivation and context

Continuous improvement by increasing the risk surface area covered by ScubaGear

Implementation notes

• Examine the MS Graph permissions list linked above and compare it to the RiskyPermissions.json file. Modify the json file if necessary.
• For EXO, Teams, Sharepoint, use the Entra Id > App Registrations > app > Manage > API Permissions page and click to add a permission in order to reference the available permissions for those services. Modify the json if necessary.

[tkol2022]

In the future we might want to look at permissions prefixed with DeviceManagement*. There could be some risks that we want to flag there related to exposing user devices.