View ConditionalAccess-PolicyNames_and_IDs.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SigninLogs | |
| mv-expand ConditionalAccessPolicies | |
| project DisplayName = tostring(ConditionalAccessPolicies.displayName),ID = tostring(ConditionalAccessPolicies.id) | |
| distinct ID,DisplayName | |
| order by DisplayName asc |
View ConditionalAccess-SignIns-ReportOnly.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Get Sign-in logs for any Report-Only Conditional Access policies where the result = ReportOnlyFailure | |
SigninLogs | |
| mvexpand ConditionalAccessPolicies | |
| where ConditionalAccessPolicies["result"] == "reportOnlyFailure" | |
| project TimeGenerated, Identity, UserPrincipalName, AzureADApplication = AppDisplayName, ClientApplication = ClientAppUsed, ClientBrowser = DeviceDetail.browser, ClientOperatingSystem = DeviceDetail.operatingSystem, ClientIPAddress = IPAddress , ClientUserAgent = UserAgent , ConditionalAccessPolicyName = ConditionalAccessPolicies["displayName"], ConditionalAccessPolicyID = ConditionalAccessPolicies["id"] |
View Copy-Shrug.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function Copy-Shrug { | |
"¯\_(ツ)_/¯" | Set-Clipboard | |
Write-Output "Shrug copied to clipboard" | |
} | |
New-Alias -name 'cps' -Value Copy-Shrug |
View Get-MachineAccountQuotaUsers.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$machineAccountQuotaComputers = Get-ADComputer -filter {ms-DS-CreatorSID -ne "$null"} -Properties ms-DS-CreatorSID,Created | |
foreach ($machine in $machineAccountQuotaComputers) { | |
$creator = $null | |
try { | |
$creator = [System.Security.Principal.SecurityIdentifier]::new($machine.'ms-DS-CreatorSID').Translate([System.Security.Principal.NTAccount]).Value | |
} | |
catch { | |
$creator = $machine.'ms-DS-CreatorSID' | |
} |
View CSVGridView.bat
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
IF "%~1"=="" GOTO NOFILE | |
set CSVPATH=%~1 | |
ECHO Loading CSV %CSVPATH% | |
powershell.exe -NoProfile -NoExit -NoLogo -Command "if ((Test-Path $env:CSVPATH -PathType Leaf) -and ($env:CSVPATH -like '*.csv')) {Import-Csv -Path $env:CSVPATH | Out-GridView -Wait -Title $env:CSVPATH};exit" | |
GOTO END | |
:NOFILE |
View dfstargets.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Get-DfsnFolder -Path \\internal.contoso.com\dfsroot\* | Get-DfsnFolderTarget | ? {$_.State -eq "Online"} | Group-Object -Property Path | ForEach-Object {$_.group[0]} |
View Get-AussieGovDomains.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.DESCRIPTION | |
Retrieve a list of Australian government (.gov.au) domains from the CKAN Data API at https://data.gov.au/ | |
#> | |
# https://data.gov.au/dataset/ds-dga-4d5301b2-bc64-4774-b437-56a408836e57/details | |
$dataUri = 'https://data.gov.au/data/api/3/action/datastore_search?resource_id=507f8129-b84c-4215-ae7d-5aca364e4a0e&limit=2000' | |
# Basic function to strip the URL down to the bare FQDN |
View Invoke-QuerySpfViaCloudflareDoh.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Retrieve SPF records for a domain via Cloudflare DoH | |
$domain = 'example.com' | |
$result = Invoke-RestMethod -Uri "https://cloudflare-dns.com/dns-query?name=$domain&type=TXT" -Headers @{'accept'='application/dns-json'} | |
if ($result -ne $null) { | |
if ($result.answer -ne $null) { | |
$result.answer | Select-Object -ExpandProperty data | Where-Object {$_ -like '*v=spf1*'} | |
} | |
} |
View Invoke-SpeechPrank.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-Type -TypeDefinition @' | |
using System.Runtime.InteropServices; | |
[Guid("5CDF2C82-841E-4546-9722-0CF74078229A"), InterfaceType(ComInterfaceType.InterfaceIsIUnknown)] | |
interface IAudioEndpointVolume { | |
// f(), g(), ... are unused COM method slots. Define these if you care | |
int f(); int g(); int h(); int i(); | |
int SetMasterVolumeLevelScalar(float fLevel, System.Guid pguidEventContext); | |
int j(); | |
int GetMasterVolumeLevelScalar(out float pfLevel); |
View Invoke-RegexReplaceTest.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Regex Examples with -Replace | |
$testString = "ABCabc 123456_!#$%" | |
Write-Host "Remove all numbers in a string" -ForegroundColor Yellow | |
"Before: $testString" | |
"After: $($testString -replace '\d')" | |
"" | |
Write-Host "Remove everything but numbers from a string" -ForegroundColor Yellow | |
"Before: $testString" |
NewerOlder