Skip to content

Instantly share code, notes, and snippets.

View dstreefkerk's full-sized avatar

Daniel dstreefkerk

  • Sydney, Australia
View GitHub Profile
dstreefkerk / gist:ffb233ce57585818f3887b63b6310188
Created March 27, 2024 00:55
List conditional access policies via PowerShell, including if they apply to MS Admin Portals (CIS Azure Foundations 1.2.7)
# First, connect to Microsoft Graph
Connect-MgGraph -Scopes "Policy.Read.All", "Directory.Read.All"
# Retrieve all Conditional Access policies
$policies = Get-MgIdentityConditionalAccessPolicy
# Iterate through each policy
foreach ($policy in $policies) {
ID = $policy.Id
dstreefkerk / Export-CrowdGroupData.ps1
Last active December 9, 2023 06:49
Script to retrieve and export group data from Atlassian Crowd via REST API.
Retrieves and exports group data from Atlassian Crowd via REST API.
The Get-CrowdData function is designed to interact with the Atlassian Crowd REST API to retrieve group and group membership data from a specified Crowd Directory.
It requires the Crowd Base URL and Directory ID as inputs. Optionally, you can specify an output path to save the exported data; if not specified, it defaults to the user's profile directory.
Based on API documentation from here:
dstreefkerk / invite-entra-guests-msgraph.ps1
Created December 7, 2023 04:05
Invite Entra ID Guests with a customised message body and a specific CC recipient using Invoke-MgGraphRequest
# Connect to Microsoft Graph
Connect-MgGraph -Scopes "User.Invite.All"
# Microsoft Graph API endpoint for invitations
$graphApiUrl = ""
# Create the invitation object
$invitation = @{
invitedUserDisplayName = "Daniel Streefkerk"
invitedUserEmailAddress = ""
dstreefkerk / Get-ProwlerJSONFindingsCSV.ps1
Last active August 23, 2023 06:24
Script to compile all of the findings in JSON format from multiple Prowler runs and export to a usable CSV
# Script to compile all of the findings in JSON format from multiple Prowler runs and export to a usable CSV
# Note: will also run fine if there's just a single JSON file in the output folder
# Hard-coded to grab FAILures only, not PASSes
# Make sure that only relevant findings files are being merged to CSV. i.e. remove old output files from previous runs
# Path to the default Prowler output folder
$prowlerReportsFolder = Join-Path -Path $env:USERPROFILE -ChildPath "output"
dstreefkerk / templates.yaml
Last active July 14, 2022 08:56 — forked from EverythingSmartHome/templates.yaml
Home Assistant Mushroom card templates
#Showing the state of a temperature in a template card:
{{ states('sensor.your_temperature_sensor') }}
#Change the colour of the light depending on status:
{% if is_state('light.your_light', 'on') %}
{% endif %}
#Welcome template:
#Updated to greet the user by first name only
dstreefkerk / ConditionalAccess-PolicyNames_and_IDs.txt
Created October 6, 2020 23:32
KQL Query to retrieve from Log Analytics a list of Conditional Access policy names and IDs
| mv-expand ConditionalAccessPolicies
| project DisplayName = tostring(ConditionalAccessPolicies.displayName),ID = tostring(
| distinct ID,DisplayName
| order by DisplayName asc
dstreefkerk / ConditionalAccess-SignIns-ReportOnly.txt
Last active March 6, 2024 16:55
KQL Query to retrieve all Azure AD sign-ins that failed a Conditional Access policy in Report-Only mode
// Get Sign-in logs for any Report-Only Conditional Access policies where the result = ReportOnlyFailure
| mvexpand ConditionalAccessPolicies
| where ConditionalAccessPolicies["result"] == "reportOnlyFailure"
| project TimeGenerated, Identity, UserPrincipalName, AzureADApplication = AppDisplayName, ClientApplication = ClientAppUsed, ClientBrowser = DeviceDetail.browser, ClientOperatingSystem = DeviceDetail.operatingSystem, ClientIPAddress = IPAddress , ClientUserAgent = UserAgent , ConditionalAccessPolicyName = ConditionalAccessPolicies["displayName"], ConditionalAccessPolicyID = ConditionalAccessPolicies["id"]
dstreefkerk / Copy-Shrug.ps1
Created February 14, 2020 00:49
Put this into your PowerShell profile file for an offline version of
function Copy-Shrug {
"¯\_(ツ)_/¯" | Set-Clipboard
Write-Output "Shrug copied to clipboard"
New-Alias -name 'cps' -Value Copy-Shrug
dstreefkerk / Get-MachineAccountQuotaUsers.ps1
Created January 29, 2020 04:38
Gets a list of AD computers that were created by regular users exercising their default right to create up to 10 computer accounts in an AD domain
$machineAccountQuotaComputers = Get-ADComputer -filter {ms-DS-CreatorSID -ne "$null"} -Properties ms-DS-CreatorSID,Created
foreach ($machine in $machineAccountQuotaComputers) {
$creator = $null
try {
$creator = [System.Security.Principal.SecurityIdentifier]::new($machine.'ms-DS-CreatorSID').Translate([System.Security.Principal.NTAccount]).Value
catch {
$creator = $machine.'ms-DS-CreatorSID'
dstreefkerk / CSVGridView.bat
Created November 8, 2019 06:19
Batch file that enables a CSV to be dragged/dropped and then opened in a PowerShell GridView. Requires the PowerShell ISE to be instaled.
@echo off
IF "%~1"=="" GOTO NOFILE
set CSVPATH=%~1
powershell.exe -NoProfile -NoExit -NoLogo -Command "if ((Test-Path $env:CSVPATH -PathType Leaf) -and ($env:CSVPATH -like '*.csv')) {Import-Csv -Path $env:CSVPATH | Out-GridView -Wait -Title $env:CSVPATH};exit"