This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Connect to Microsoft Graph | |
Connect-MgGraph -Scopes Application.Read.All | |
# Get all Entra ID applications | |
$allApps = Get-MgApplication -All $true | |
$array = @() | |
# Loop through each application | |
foreach ($app in $allApps) { | |
Write-Host "Application Name: $($app.DisplayName)" | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Get Access Token | |
$auth = @{ | |
Method = "POST" | |
Uri = "https://accounts-api.airthings.com/v1/token" | |
Body = [Ordered] @{ | |
"grant_type" = "client_credentials" | |
"client_id" = "49e83d9d-994b-4e8a-962d-a92cc9dfb874" | |
"client_secret" = "58c5318a-afc0-4d0a-b517-42e650c2289e" | |
"scope" = "read:device:current_values" | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Get-ADComputer -Filter * | ForEach-Object { | |
$laps = (Get-LapsADPassword $_) | |
$cred = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $laps.Account, $laps.Password | |
Invoke-Command -ComputerName $_ -Credential $cred -ScriptBlock { $env:COMPUTERNAME; (Get-ChildItem).Name } | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager" /v ASRRules /t REG_SZ /d "56a863a9-875e-4185-98a7-b882c64b5ce5=1|7674ba52-37eb-4a4f-a9a1-f0f9a1619a2c=1|d4f940ab-401b-4efc-aadc-ad5f3c50688a=1|9e6c4e1f-7d60-472f-ba1a-a39ef669e4b2=1|be9ba2d9-53ea-4cdc-84e5-9b1eeee46550=1|01443614-cd74-433a-b99e-2ecdc07bfc25=1|5beb7efe-fd9a-4556-801d-275e5ffc04cc=1|d3e037e1-3eb8-44c8-a917-57927947596d=1|3b576869-a4ec-4529-8536-b80a7769e899=1|75668c1f-73b5-4cf0-bb93-3ecf5cb7cc84=1|26190899-1602-49e8-8b27-eb1d0a1ce869=1|e6db77e5-3df2-4cf1-b95a-636979351e5b=1|d1e49aac-8f56-4280-b9ba-993a6d77406c=1|b2b3f03d-6a65-4f7b-a9c7-1c7ef74a9ba4=1|92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b=1|c1db55ab-c21a-4637-bb3f-a12568109d35=1" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
((Invoke-RestMethod -Uri ((Invoke-WebRequest -Uri "https://www.microsoft.com/en-us/download/confirmation.aspx?id=56519" -UseBasicParsing ).links.href | Where-Object { $_ -like "*.json" })[0]).values | Where-Object { $_.name -eq "AzureAdvancedThreatProtection" }).properties.addressPrefixes | Where-Object { $_ -notlike "*:*" } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[array]$results = "Recommendation,CPR,OS,KB,URL" | |
(Invoke-WebRequest -Uri "https://www.rockwellautomation.com/ms-patch-qualification/Tabs3_new.htm").links.href | ForEach-Object { | |
$response = Invoke-WebRequest -Uri "https://www.rockwellautomation.com/$_" | |
[array]$content = $response.ParsedHtml.body.innerHTML -split "`r`n" | Where-Object { $_ -match '<TD class' } | ForEach-Object { $_.Split('<>')[2..3] } | Where-Object { $_ -ne "" } | |
$content | ForEach-Object { | |
if ($_ -eq "Fully Qualified") { $fq = $true } | |
if ($fq) { | |
if ($_ -like "SR*") { $sr = $_} | |
if ($_ -in "2012R2","Win8_1x64","2016","Win10","2019","Win10_20H2") { $os = $_} | |
if ($_ -like "*support.microsoft.com*") { $url = $_.Split('"')[1] } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DeviceTvmSecureConfigurationAssessmentKB | |
| join (DeviceTvmSecureConfigurationAssessment | where IsCompliant == 0) on ConfigurationId | |
| summarize Devices = make_list(DeviceName), DeviceCount = dcount(DeviceName) by ConfigurationId, ConfigurationName, ConfigurationImpact, ConfigurationCategory, ConfigurationSubcategory, tostring(ConfigurationBenchmarks), RemediationOptions | |
| extend Impact = ConfigurationImpact * DeviceCount | |
| sort by Impact desc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[string]$username= Read-Host -Prompt "Enter UserName" | |
$securedValue = Read-Host -AsSecureString -Prompt "uurPass" | |
$bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($securedValue) | |
$password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr) | |
$requestid = [System.Guid]::NewGuid().guid | |
$domain = ($username -split "@")[1] | |
Invoke-RestMethod -Method Get -UseBasicParsing ("https://login.microsoftonline.com/common/userrealm/$username" + "?api-version=1.0") -UserAgent $userAgent | |
$headers = @{ | |
"client-request-id"=$requestid | |
"return-client-request-id"="true" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
E1D4D1D6379D54A742C068D377B7CA3203BCFEE462B651672B971013D8E01275 | |
70CE17C721210994F1FDD64B2E5FDC299A137765760060B1761D8594C55A2306 | |
03DD6140E9D304EB2A468A8620403D2B3EE0FCBCD0E67BB8DCAF1C9DF9EAC685 | |
421E5DD5A8374CE5E4197D847D9233ECD0298355C053C8347F9F0CEF90E4EA66 | |
A608E8B300061FA74759603F739EEAFF8BCE9418F6959098B429578CB8D801CE | |
C74B675264C380ECB5F3B88DF0CE9B3435D288CB30E94A1EF68DA129AEFF1933 | |
F035C94BE4D5169F22C4FEC112BE1009235227DCCC6F70B2A8D1818804BC6E9E | |
52AE39457A3B6ED684EB684DB31D52F9B2AAA19970A0699C58A40069B21B140F | |
25DAE0CAAFCAF7CA51F6430EB488C8C06ED6B797201E35C145FC5AA23C6047D2 | |
A6D421E9B692E6C347CCD0C9DAD1492534DE0147DC29F50470DE6CC0AF660F1E |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DeviceProcessEvents | |
| where FileName in ("AT.EXE","bash.exe","BitLockerWizard.exe","BitLockerWizardElev.exe","Bubbles","calc.exe","CDB.Exe","CertUtil.exe","charmap.exe","CLEANMGR.DLL","ClientConsole.EXE","Cmd.Exe","CMDL32.EXE","colorcpl.exe","ComputerDefaults.EXE","CONTROL.EXE","Credwiz.exe","CryptExt.dll","Csc.Exe","cscript.exe","csi.Exe","dccw.exe","DeviceEject.EXE","DeviceParing.exe","DeviceParing.exe","DeviceProperties.exe","dfshim.dll","DIALER.EXE","DISKPERF.EXE","dnx.Exe","DOSKEY.EXE","dsquery.dll","dvdplay","eventvwr.exe","expand","FC.EXE","FIND.EXE","FINDSTR.EXE","finger.exe","FONTVIEW.EXE","forfiles.exe","format.com","fsi.exe","FXSSVC.EXE","gprslt.exe","GPSCRIPT.EXE","GPUpdate.exe","Help.Exe","HH.exe","HWRREG.EXE","iexplore.exe","infdefaultinstall.exe","irftp.exe","iscsicli.exe","iscsicpl.exe","ISOBURN.EXE","Journal.exe","kd.Exe","LaunchTM.exe","lxrun.exe","lxssmanager.dll","lxssmanager.exe","manage-bde.exe","mip.exe","mmc.exe","mobsync.exe","MORE.COM","MSBuild.Exe","msconfig.EXE","msdt.exe","mshta.e |