Project • Free Tool • M365 Administration

gtools.pro — Zero-Knowledge M365 Administration Suite

Free Microsoft 365 administration tools with Zero-Knowledge encryption. Backup content, export configurations, and audit compliance — with credentials that never leave your browser.

Free Tool M365 Administration Zero-Knowledge Content Backup Compliance Export ISO 27001 GDPR

Platform Overview

gtools.pro is a Zero-Knowledge administration suite for Microsoft 365 IT teams. All Microsoft OAuth credentials are encrypted client-side — the platform never sees your tenant credentials. Exports are generated via direct Microsoft Graph API calls and downloaded straight to your machine without transiting third-party servers.

The suite covers six operational areas: content backup (Teams, OneDrive, SharePoint, Exchange, Planner, Bookings), configuration export (8 tools covering Intune, Entra ID, Exchange, Power Platform, SharePoint, Security & Compliance), audit & compliance (20+ reports), security posture assessment, lifecycle management, and PowerShell script generation. Currently free for all users.

6
Operational Categories
20+
Audit & Compliance Reports
8
Configuration Export Tools
5
Compliance Frameworks
Free
Current Pricing
Zero-Knowledge Architecture

Security by Design

Client-Side Encryption

Microsoft OAuth credentials are encrypted in your browser before any network request. The encryption key never leaves your device — the platform cannot decrypt your credentials even if it wanted to.

Direct Graph API Exports

All data exports are generated via direct calls from your browser to Microsoft Graph API. Exported files download directly to your machine without transiting or being stored on any third-party server.

WebAssembly Encryption

Cryptographic operations use AES-256-GCM and ChaCha20-Poly1305 implemented in WebAssembly for high-performance, browser-native encryption without JavaScript library dependencies.

Microsoft OAuth Only

Authentication is handled entirely through Microsoft's OAuth 2.0 flow. Supports both delegated user permissions and application permissions via service principal / app registration.

Content Backup

Backup What Matters

Three backup centers cover all major M365 content workloads, with both personal and organization-wide scope options.

Communication Backup

Teams chats, channels, email, calendar, contacts

Export Teams conversations and channel history, Exchange mailbox content, calendar entries, and contact lists. Supports delta sync for incremental backups. Output includes JSON and PST formats.

Files Backup

OneDrive and SharePoint documents

Back up OneDrive personal drives and SharePoint site libraries. Delta sync support exports only files changed since the last backup. Live log viewer shows real-time progress for large tenants.

Productivity Backup

Planner, Bookings, To Do tasks

Export Microsoft Planner boards with tasks, buckets, and assignments. Back up Bookings calendars and appointment history. Export personal and shared To Do task lists to JSON.

Configuration Export

8 Configuration Export Tools

Document your M365 tenant configuration before migrations, policy changes, or audits. All exports download directly to your machine.

Entra ID Advanced Export

Full Entra ID (Azure AD) configuration including Privileged Identity Management (PIM), MFA policies, Conditional Access rules, B2B settings, custom security attributes, and organization branding.

Exchange Online Deep Export

13 export categories covering mailbox policies, transport rules, connectors, anti-spam and anti-malware settings, retention policies, and compliance configurations.

Intune Configuration Export

26 configuration categories: device compliance policies, configuration profiles, app protection policies, enrollment restrictions, Windows Autopilot profiles, and update rings.

M365DSC Export

Generate Microsoft365DSC PowerShell scripts from your live tenant configuration for infrastructure-as-code documentation, drift detection, and environment replication.

Power Platform Inventory

Export Power Apps, Power Automate flows, Power BI workspaces, and Dataverse environments across your tenant. Identify shadow IT and ungoverned automation assets.

Security & Compliance Export

13 components: DLP policies, sensitivity labels, retention labels, communication compliance policies, eDiscovery cases, insider risk management settings, and audit log configurations.

SharePoint Permissions Export

Document site collection permissions, unique permission inheritance breaks, external sharing settings, and guest access at scale across all SharePoint sites and libraries.

Teams Voice Configuration

Export Teams Phone System configuration: dial plans, call queues, auto attendants, emergency locations, voice routing policies, and Direct Routing trunk settings.

Audit & Compliance

20+ Audit and Compliance Reports

Pre-built reports covering security posture, access governance, sharing risks, Teams governance, and compliance framework alignment.

Security Posture

  • M365 Tenant Audit (ISO 27001, SOC 2, GDPR, HIPAA, NIS2)
  • Security Risk Dashboard
  • Privileged Access Report
  • Copilot Readiness Assessment
  • Permission Change Audit

Access Governance

  • Access Review Report
  • External Collaboration Report
  • Orphaned Users Report
  • Oversharing Detection
  • Unique Permissions Audit

SharePoint Security

  • SharePoint Security Center
  • SharePoint Permissions Report
  • Sharing Links & Invitations Report
  • Broken Inheritance Report
  • Group Membership Report

Teams & Lifecycle

  • Teams Governance Report
  • Teams Security Center
  • Teams Storage Report
  • Site Lifecycle Report
  • Stale Content Report
Compliance Frameworks

Multi-Framework Audit Coverage

The M365 Tenant Audit covers 23 audit collectors across security settings, identity configuration, and compliance controls — mapped to five frameworks simultaneously.

ISO 27001

23 audit collectors mapped to ISO 27001 Annex A controls. Covers identity security (MFA, PIM, Conditional Access), data protection policies, audit logging, and security configuration baselines.

SOC 2

Compliance mapping across the five Trust Service Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. Evidence collection for SOC 2 Type II audits.

GDPR

Data protection configuration checks covering data minimization, access controls, retention policies, audit logging, and data subject rights capabilities within M365 workloads.

HIPAA & NIS2

HIPAA technical safeguards assessment for healthcare organizations using M365. NIS2 cybersecurity risk management controls covering authentication, access management, and incident detection.

Export Formats

Flexible Output for Every Use Case

Machine-Readable

JSON, CSV

Structured data exports for pipeline integration, vulnerability management platforms, SIEM ingestion, and custom reporting workflows.

Human-Readable

HTML Dashboard, Excel, PDF

Visual dashboards for compliance reviews, management reporting, and audit presentations. Excel exports for data analysis and pivot table reporting.

Infrastructure as Code

PowerShell (.ps1)

M365DSC PowerShell scripts generated from live tenant configuration for documentation, drift detection, and environment replication across tenants.

Backup Archives

ZIP, PST

Packaged backups of Teams content, Exchange mailboxes (PST format), and document libraries delivered as ZIP archives directly to your local machine.

Use Cases

When IT Teams Reach for gtools.pro

Pre-Migration Documentation

Document source tenant configuration before M365 tenant migrations or major policy changes. Export all 8 configuration categories to create a baseline snapshot for comparison and rollback reference.

Employee Offboarding

Back up departing user's Teams chats, OneDrive content, To Do tasks, and calendar data before account deactivation. Ensure no business-critical content is lost when accounts are disabled.

Copilot Readiness

Run the Copilot Readiness Assessment and Oversharing Detection reports before M365 Copilot deployment to identify permission risks and sensitive content that could be exposed through AI-assisted queries.

Compliance Audits

Generate ISO 27001, SOC 2, GDPR, HIPAA, or NIS2 audit evidence in a single session. 23 audit collectors produce structured findings with high/medium/low/info severity ratings and compliance percentages.

External Access Review

Audit all guest accounts, external user sharing, and B2B collaboration settings across your tenant. Identify overprovisioned external access before security reviews or partner relationship changes.

Storage & Lifecycle

Identify stale content, dormant Teams, inactive sites, and storage growth patterns. Prioritize archival or deletion decisions with activity-level categorization across all M365 workloads.

Pricing

Free for Now

gtools.pro is currently free for all M365 IT administrators. All tools and reports are accessible without subscription. Requires Microsoft 365 E3 or E5 licensing for the M365 tenant features being administered. Advanced audit features (1-year retention, unified audit log) require M365 E5.

Access Requirements: Microsoft 365 tenant with appropriate administrator role. Supported roles include Global Administrator, Compliance Administrator, Teams Administrator, Exchange Administrator, and Power Platform Administrator depending on the tools used. App registration in Azure AD required for application permission flows.

Open gtools.pro →

Need M365 governance, migration, or compliance support?

Let's discuss how gtools.pro fits into your M365 administration, audit, and compliance workflows.

Book a Consultation ← All Projects