This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OfficeActivity | |
| where TimeGenerated > ago(90d) | |
| where UserId has_any ("msftprotection","identityVerification","accountsVerification","azuresecuritycenter","teamsprotection") and UserId has "onmicrosoft" | |
| summarize by UserId |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
git branch | Select-String -NotMatch -Pattern "main" | % {$branch = $_ -replace '\s'; git branch -D $branch } |
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CveId | |
CVE-2018-13379 | |
CVE-2021-34473 | |
CVE-2021-31207 | |
CVE-2021-34523 | |
CVE-2021-40539 | |
CVE-2021-26084 | |
CVE-2021-44228 | |
CVE-2022-22954 | |
CVE-2022-22960 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// List all devices that have curl installed or use curl. | |
let ProcessBasedDevices = DeviceProcessEvents | |
| where Timestamp > ago(30d) | |
| where ProcessCommandLine has "curl" and FileName != "SenseNdr.exe" | |
| extend Method = "Process" | |
| summarize by DeviceId, DeviceName, Method; | |
let TVMBasedDevices = DeviceTvmSoftwareInventory | |
| where SoftwareName has "curl" | |
| extend Method = "Software Inventory" | |
| project DeviceId, DeviceName, Method, SoftwareName, SoftwareVersion, SoftwareVendor; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.SYNOPSIS | |
Generates a GUID from a given string value using MD5 hashing. | |
.PARAMETER Value | |
The string value to generate a GUID from. | |
.EXAMPLE | |
Get-Guid -Value "example string" | |
Returns a GUID generated from the string "example string". |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# looking for a all in one solution? | |
# https://github.com/f-bader/EntraIDPasskeyHelper | |
Connect-MGGraph -UseDeviceAuthentication -Scopes "AuditLog.Read.All", "UserAuthenticationMethod.Read.All" | |
$NextUri = "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?`$filter=methodsRegistered/any(x:x eq 'passKeyDeviceBound')" | |
do { | |
$Result = Invoke-MgGraphRequest -Uri $NextUri | |
$NextUri = $Result['@odata.nextLink'] | |
$ReturnValue += $Result['value'] |
OlderNewer