FireEye released a free tool on GitHub named Azure AD Investigator that can help companies determine if the SolarWinds hackers (aka UNC2452) used any of their attack techniques inside their networks.