Skip to content

Instantly share code, notes, and snippets.

View darrenjrobinson's full-sized avatar

Darren Robinson darrenjrobinson

View GitHub Profile
@darrenjrobinson
darrenjrobinson / GetStaleAADGuestAccounts.ps1
Last active March 5, 2025 10:15
Get all AAD B2B Guest Accounts which haven't signed in, in the last XX Days, or haven't accepted a B2B Guest Invitation in last XX Days. Associated Blogpost https://blog.darrenjrobinson.com/finding-stale-azure-ad-b2b-guest-accounts-based-on-lastsignindatetime
Function AuthN {
<#
.SYNOPSIS
Authenticate to Azure AD and receieve Access and Refresh Tokens.
.DESCRIPTION
Authenticate to Azure AD and receieve Access and Refresh Tokens.
.PARAMETER tenantID
(required) Azure AD TenantID.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@darrenjrobinson
darrenjrobinson / Get-AzureADAuthenticationMethods.ps1
Last active January 20, 2025 16:17
PowerShell script to retrieve Azure AD Users Authentication Methods and add them as additional attributes on the User Object. Associated Blogpost https://blog.darrenjrobinson.com/reporting-on-users-azure-ad-authentication-methods-using-microsoft-graph-and-powershell/
Function AuthN {
<#
.SYNOPSIS
Authenticate to Azure AD and receieve Access and Refresh Tokens.
.DESCRIPTION
Authenticate to Azure AD and receieve Access and Refresh Tokens.
.PARAMETER tenantID
(required) Azure AD TenantID.
<#
From an Admin Powershell Session install the following PowerShell Modules that are dependancies.
Install-Module -Name PShell-AI
Install-Module -Name PSAI
Install-Module Microsoft.Graph
#>
Import-Module -Name PShell-AI
Import-Module -Name PSAI
@darrenjrobinson
darrenjrobinson / Get my Gists.ps1
Last active October 17, 2024 13:45
Retrieve all my Github Gists via search using PowerShell. Associated blog post here https://blog.darrenjrobinson.com/searching-and-retrieving-your-github-gists-using-powershell/
# Authenticate
$clientID = 'myGitHubUsername'
# GitHub API Client Secret
$clientSecret = '21c22a9f0ca888373a3077614d0abcdefghijklmnop'
# Basic Auth
$Bytes = [System.Text.Encoding]::utf8.GetBytes("$($clientID):$($clientSecret)")
$encodedAuth = [Convert]::ToBase64String($Bytes)
# Search based on Description
$search = "Import Script"
@darrenjrobinson
darrenjrobinson / Audit Azure AD Registered Applications.ps1
Last active August 24, 2024 05:15
Enumerate Azure AD Registered Apps for expiring credentials and sign-in activity. Associated blogpost https://blog.darrenjrobinson.com/auditing-azure-ad-registered-applications/
# Creds
$tenantID = 'yourAADTenantID'
$clientID = 'aadAppID'
$clientSecret = (ConvertTo-SecureString 'aadAppSecret' -AsPlainText -Force)
$accessToken = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID | Select-Object -Property AccessToken
# MS Graph Apps URI
$aadAppsURI = 'https://graph.microsoft.com/v1.0/applications'
# Get Expiring Creds in x Days
$expiryCheck = 60
@darrenjrobinson
darrenjrobinson / AADAuth_MSAL_Python.py
Last active July 7, 2024 18:10
Microsoft Graph using MSAL with Python and Certificate Authentication. Associated blogpost https://blog.darrenjrobinson.com/microsoft-graph-using-msal-with-python-and-certificate-authentication/
import msal
import jwt
import json
import sys
import requests
from datetime import datetime
global accessToken
global requestHeaders
global tokenExpiry
{
"attributes": {
"authType": "Basic",
"username": "IdentityNowServiceAccount_in_ServiceNow",
"password": "IdentityNowServiceAccount_Password",
"url": "https://yourServiceNowTenant.service-now.com",
"serviceNowAppName" : "ServiceNow [source-42423]",
"catalogItem": {
"2c9180856a93cecd016a9ed337615c35": "a632c040db25f30033501c0e049619af"
}
@darrenjrobinson
darrenjrobinson / Interactive MSAL AAD Delegated AuthN.py
Last active May 31, 2024 15:44
Interactive Authentication to Microsoft Graph using MSAL with Python and Delegated Permissions. See associated blogpost https://blog.darrenjrobinson.com/interactive-authentication-to-microsoft-graph-using-msal-with-python-and-delegated-permissions/
import msal
import jwt
import json
import sys
import requests
from datetime import datetime
from msal_extensions import *
# Microsoft Azure PowerShell Client ID
clientID = '1950a258-227b-4e31-a9cf-717495945fc2'
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.