update docs

Author: silverhack

docs/assets/css/extra.css

@@ -1,14 +1,62 @@
-.container {
-    font-family: arial;
-    font-size: 24px;
-    margin: 25px;
-    width: 350px;
-    height: 200px;
-    outline: dashed 1px black;
-  }
-
-  .center {
+.center {
     display: flex;
     align-items: center;
     justify-content: center;
-  }
+}
+
+.center-badges {
+  text-align: center;
+}
+.center-badges img {
+  display: inline-block;
+}
+
+
+
+/* Logo spacing (first image on the page) */
+.md-content img[alt="Monkey365 logo"] {
+  display: block;
+  margin: 0.25rem 0 0.75rem 0;
+  border-radius: 14px;
+  border: 1px solid var(--md-default-fg-color--lightest);
+  background: color-mix(in srgb, var(--md-default-bg-color) 80%, white 20%);
+  padding: 6px;
+}
+
+/* Badges row: give consistent spacing */
+.md-content a > img[src*="img.shields.io"] {
+  margin-right: 0.35rem;
+  margin-bottom: 0.35rem;
+}
+
+/* Buttons: add breathing room when multiple buttons are stacked */
+.md-content .md-button {
+  margin-right: 0.4rem;
+  margin-bottom: 0.5rem;
+}
+
+/* Code block in "Start in 3 commands" should look crisp */
+.md-content pre > code {
+  border-radius: 0.9rem;
+}
+
+/* Screenshots and diagrams: constrain width + subtle frame */
+.md-content img[alt="Example HTML report"],
+.md-content img[alt="Monkey365 architecture"] {
+  display: block;
+  max-width: min(980px, 100%);
+  width: 100%;
+  height: auto;
+  margin: 0.75rem 0 1rem 0;
+  border-radius: 1rem;
+  border: 1px solid var(--md-default-fg-color--lightest);
+  box-shadow: 0 6px 18px rgba(0, 0, 0, 0.08);
+}
+
+/* Mobile: reduce shadows slightly */
+@media (max-width: 600px) {
+  .md-content img[alt="Example HTML report"],
+  .md-content img[alt="Monkey365 architecture"] {
+    box-shadow: 0 4px 12px rgba(0, 0, 0, 0.06);
+  }
+}

docs/assets/images/consent.png

@@ -0,0 +1,83 @@
+---
+author: Juan Garrido
+---
+
+# Using Access Tokens with Monkey365
+
+Monkey365 supports direct authentication using **access tokens**, enabling fully non‑interactive execution for automation, CI/CD pipelines or service‑principal–based workflows.  
+This feature allows users to pass one or more access tokens to Monkey365, which will automatically route each token to the correct API based on its **audience** (`aud`) claim.
+
+## Overview
+
+You can provide access tokens to Monkey365 by using the `-AccessToken` parameter. The parameter accepts a single token (string) or multiple tokens (array of strings). 
+
+Each token is inspected to determine which Microsoft 365 or Azure service it applies to. Monkey365 then uses the appropriate token when making API calls.
+
+???+ note
+	Expired or malformed tokens are ignored.
+	
+
+## Usage Examples
+
+### Passing a Single Token
+
+```powershell
+$graph = az account get-access-token --resource https://graph.microsoft.com/ --query accessToken -o tsv
+
+$p = @{
+    AccessToken = $graph;
+    IncludeEntraId = $true;
+    TenantId = "00000000-0000-0000-0000-000000000000";
+    Verbose = $true;
+    InformationAction = "Continue"
+}
+Invoke-Monkey365 @p
+```
+
+### Passing Multiple Tokens
+
+```powershell
+$azureRM = az account get-access-token --query accessToken -o tsv
+$graph = az account get-access-token --resource https://graph.microsoft.com/ --query accessToken -o tsv
+$storage = az account get-access-token --resource https://storage.azure.com/ --query accessToken -o tsv
+$vault = az account get-access-token --resource https://vault.azure.net --query accessToken -o tsv
+
+$accessTokens = [System.Collections.Generic.List[System.String]]::new()
+[void]$accessTokens.Add($azureRM);
+[void]$accessTokens.Add($graph);
+[void]$accessTokens.Add($storage);
+[void]$accessTokens.Add($vault);
+
+$p = @{
+    Instance = "Azure";
+    Collect = "All";
+    AccessToken = $accessTokens;
+    IncludeEntraId = $true;
+    TenantId = "00000000-0000-0000-0000-000000000000";
+    Verbose = $true;
+    InformationAction = "Continue"
+}
+Invoke-Monkey365 @p
+```
+This allows Monkey365 to:
+
+- Query EntraID via Microsoft Graph
+- Enumerate Azure subscriptions and resources via ARM
+
+All without any interactive login.
+
+### Notes & Recommendations
+- Tokens must be valid JWT access tokens.
+- Monkey365 does not refresh tokens.
+- Ensure tokens include the correct scopes or resource audiences.
+
+### Troubleshooting
+
+#### Monkey365 reports "Invalid token"
+- Ensure the token is an access token, not an ID token.
+- Verify the aud claim matches a supported API.
+- Check token expiration (exp claim).
+
+#### API calls fail with 401/403
+- Token may be missing required scopes/permissions.
+- Service principal may not have required roles (e.g., Reader on subscription).

docs/authentication/access_token.md

@@ -0,0 +1,81 @@
+---
+author: Juan Garrido
+---
+
+# Using the Microsoft Graph Client ID
+
+Monkey365 supports multiple authentication methods when connecting to Microsoft Entra ID. By default, Monkey365 uses the **Azure PowerShell client ID** `1950a258-227b-4e31-a9cf-717495945fc2`. 
+
+This <a href='https://learn.microsoft.com/en-us/troubleshoot/entra/entra-id/governance/verify-first-party-apps-sign-in#application-ids-of-microsoft-tenant-owned-applications' target='_blank'>client ID</a> is **pre‑authorized by Microsoft** for a **limited set of Microsoft Graph scopes**. Using the default clientId is enough for basic configuration review, but the application do **not** include many of the advanced or privileged scopes required for deeper Entra ID assessments, so there will be collectors that won't be allowed to fetch results due to lack of granted scopes. 
+
+To support more advanced scenarios, Monkey365 also allows authentication using Microsoft's tenant‑owned Microsoft Graph Client ID `14d82eec-204b-4c2f-b7e8-296a70dab67e`
+
+Using this client ID enables Monkey365 to request additional Microsoft Graph scopes that are **not available** through the **Azure PowerShell client ID**, such as `RoleManagement.Read.Directory` or `PrivilegedAccess.Read.AzureADGroup`. Using this clientId provides Monkey365 with broader visibility into privileged roles, access policies or directory‑wide configuration.
+
+## Enabling Microsoft Graph Authentication
+
+To switch from the default Azure PowerShell client ID to the Microsoft‑owned Graph Client ID, set the `useMgGraph` property to `true` in your [monkey365.config](../configuration/configuration-file.md) configuration file:
+
+```json
+"mgGraph": {
+    "useMgGraph": "true"
+    ...
+}
+```
+When enabled, Monkey365 will automatically use the Microsoft Graph Client ID during authentication and request the required permissions.
+
+## Microsoft Graph Permissions
+
+When the Microsoft Graph Client ID is selected, Monkey365 will request the following Microsoft Graph scopes:
+
+- User.Read.All
+- Application.Read.All
+- Policy.Read.All
+- Organization.Read.All
+- OrgSettings-AppsAndServices.Read.All
+- RoleManagement.Read.Directory
+- GroupMember.Read.All
+- Directory.Read.All
+- PrivilegedEligibilitySchedule.Read.AzureADGroup
+- PrivilegedAccess.Read.AzureADGroup
+- RoleManagementPolicy.Read.AzureADGroup
+- Group.Read.All
+- SecurityEvents.Read.All
+- IdentityRiskEvent.Read.All
+- UserAuthenticationMethod.Read.All
+- AuditLog.Read.All
+- AccessReview.Read.All
+
+These permissions allow Monkey365 to perform a comprehensive security and configuration assessment across Entra ID, including privileged access, audit logs, identity protection, and directory‑wide configuration.
+
+The above scopes are configurable and can be set in [monkey365.config](../configuration/configuration-file.md) configuration file under the scopes section, as shown below:
+
+```json
+"mgGraph":{
+	"useMgGraph": "true",
+	"scopes": [
+		"User.Read.All",
+		"Application.Read.All",
+		"Policy.Read.All",
+		"Organization.Read.All",
+		"OrgSettings-AppsAndServices.Read.All",
+		"RoleManagement.Read.Directory",
+		"GroupMember.Read.All",
+		"Directory.Read.All",
+		"PrivilegedEligibilitySchedule.Read.AzureADGroup",
+		"PrivilegedAccess.Read.AzureADGroup",
+		"RoleManagementPolicy.Read.AzureADGroup",
+		"Group.Read.All",
+		"SecurityEvents.Read.All",
+		"IdentityRiskEvent.Read.All",
+		"UserAuthenticationMethod.Read.All",
+		"AuditLog.Read.All",
+		"AccessReview.Read.All"
+	]
+}
+}
+```
+
+???+ note
+	If you are authenticating with the Microsoft Graph Client ID for the first time, you will be prompted to grant the necessary permissions, as shown below:
+	![](../assets/images/consent.png)

docs/authentication/using_mggraph_client_id.md

@@ -83,6 +83,11 @@ Use this flag to list available frameworks:
 Invoke-Monkey365 -ListFramework
 ```
 
+```-AccessToken```
+
+Use this flag to provide external access tokens. More information can be seen [here](../authentication/access_token.md)
+
+
 ## Listing collectors
 
 The `-ListCollector` flag is used to display a list of available collectors within Monkey365. Collectors are modular components that gather specific sets of data from cloud environments such as Azure, Microsoft 365, or Entra ID.

docs/configuration/general-options.md

@@ -1,17 +1,27 @@
 ---
 author: Juan Garrido
+hide:
+  - navigation
+  - toc
 ---
 
 # Monkey365
 
 <div class="center">
-<img src='assets/images/monkey365.png' />
+<img src='assets/images/MonkeyLogo.png' />
 </div>
 
+[![GitHub release](https://img.shields.io/github/v/release/silverhack/monkey365?display_name=tag&sort=semver)](https://github.com/silverhack/monkey365/releases)
+[![PowerShell Gallery](https://img.shields.io/powershellgallery/v/monkey365)](https://www.powershellgallery.com/packages/monkey365/)
+[![License](https://img.shields.io/github/license/silverhack/monkey365)](https://github.com/silverhack/monkey365/blob/main/LICENSE)
+[![Stars](https://img.shields.io/github/stars/silverhack/monkey365?style=social)](https://github.com/silverhack/monkey365/stargazers)
+[![Follow @tr1ana](https://img.shields.io/twitter/follow/tr1ana?style=social)](https://twitter.com/tr1ana)
+[![GitHub Downloads](https://img.shields.io/github/downloads/silverhack/monkey365/total?style=flat&logo=powershell&label=GitHub%20Release%20Download)](https://github.com/silverhack/monkey365/releases)
+[![PowerShell Gallery Downloads](https://img.shields.io/powershellgallery/dt/monkey365.svg?style=flat&logo=powershell&label=PSGallery%20Download)](https://www.powershellgallery.com/packages/monkey365)
 
 Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start.
 
-Monkey365 has been designed to tackle these difficulties and get results fast and without any requirements. The results will be visualised in a simplified HTML report to quickly identify potential issues. As such, security consultants will be able to effectively address issues from a single vulnerability report.
+Monkey365 has been designed to tackle these difficulties and get results fast and without any requirements. The results can be visualised in a simplified HTML report to quickly identify potential issues. As such, security consultants will be able to effectively address issues from a single vulnerability report. Click through findings, and evidence in a report format suitable for reviews.
 
 ![](assets/images/htmlreport.png)
 
@@ -25,10 +35,56 @@ To help with this effort, Monkey365 also provides several ways to identify secur
 
 Monkey365 works in three phases. In the first phase, collectors will issue queries against the multiple data sources to retrieve the desired metadata about targeted tenant or subscription, and then will collect information. Once all the necessary metadata is collected, the result is passed to an internal module in order to start the verifying phase, in which the tool uses the data collected in first phase to perform query search with a default set of rules, as a mechanism to evaluate the configuration and to search for potential misconfigurations and security issues. The third phase starts to generate reports, such as an HTML report containing structured data for quick checking and verification of the results.
 
-# Documentation
+# Getting Started
 
-* [Getting Started](install/install-instructions.md)
-* [License and Contributing](license/license-contributing.md)
-* [Support](support/support.md)
-* [Disclaimer](support/disclaimer.md)
-* [Sample report](sample/monkey365.html)
+```powershell
+#Install module
+Install-Module Monkey365 -Scope CurrentUser
+#Set params
+$param = @{
+    Instance = 'Microsoft365';
+    Collect = 'ExchangeOnline','MicrosoftTeams','Purview','SharePointOnline';
+    PromptBehavior = 'SelectAccount';
+    IncludeEntraID = $true;
+    ExportTo = 'HTML';
+}
+#Execute monkey365
+Invoke-Monkey365 @param
+```
+
+---
+
+[Getting started](install/install-instructions.md){ .md-button .md-button--primary }
+[Quick start](getting_started/basic-usage.md){ .md-button }
+[Authentication](authentication/overview.md){ .md-button }
+[Sample report](sample/monkey365_azure.html){ .md-button }
+
+!!! warning "Permissions required"
+    Monkey365 needs appropriate permissions to read tenant and subscription configuration data.  
+    Review: [Required permissions →](getting_started/permissions.md)
+
+---
+
+# Automation-friendly output
+
+Export results as **JSON**, **CSV**, or **CLIXML** for pipelines and post-processing.
+
+- [Exporting overview](exporting/exporting-data.md)
+- [Export JSON](exporting/export-json.md)
+- [Export CSV](exporting/export-csv.md)
+- [Export HTML](exporting/export-html.md)
+
+# Extensible security checks
+Create custom rules and rulesets for organization-specific controls.
+
+- [Security checks overview](security_checks/overview.md)
+- [Create a custom rule](security_checks/custom-rule.md)
+- [Custom ruleset](security_checks/custom-ruleset.md)
+
+# Next steps
+
+- Configure scan behavior → [General options](configuration/general-options.md)
+- Azure-specific tuning → [Azure options](configuration/azure-options.md)
+- Microsoft 365 tuning → [Microsoft 365 options](configuration/microsoft365-options.md)
+- Handle throttling → [Rate limits & retry](configuration/rate-limit.md)
+- Logging (File/Slack/Teams) → [Logging introduction](logging/introduction.md)

docs/index.md

@@ -3514,7 +3514,7 @@ <h5 class="modal-title-header" id="MonkeyRawObject_d67addac8097472cacc14dc0b15aa
    <!--Sidebar-->
    <div class="sidebar" id="sidebar">
     <div class="header">
-     <a class="sidebar-brand" href="javascript:show('monkey-main-dashboard')">
+     <a class="sidebar-brand" href="https://silverhack.github.io/monkey365/">
       <img src="https://cdn.jsdelivr.net/gh/silverhack/monkey365assets@latest//assets/inc-monkey/logo/MonkeyLogo.png" alt="monkey365">
       </img>
       <span class="align-middle me-3">Monkey365</span>