Back to all tools
PowerShell ModulePackaging

Intune-App-Sandbox

Intune-App-Sandbox is a testing utility for PowerShell-based installers packaged with the Win32 Content Prep Tool for Intune deployments. It creates a sandbox workspace (C:\SandboxEnvironment), and adds context-menu options to pack with IntunewinUtil or run tests in a Safe sandbox. It also supports a detection-based test flow and a reusable template script to accelerate building and validating packaging for Win32 apps in Intune.

Works with
WindowsWin32 Apps
Created by
Maciej Horbacz
Maciej Horbacz
GitHubDownload

Security Analysis

6of 6
All Checks Passed

12 files scanned on Jan 8, 2026

No Obfuscated Code
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

Overall assessment: The Intune-App-Sandbox tool appears to be a legitimate admin-oriented utility for packaging and sandboxing software in Intune, with features like sandbox updates, toast notifications, and inventory gathering. However, several risky patterns are present: policy bypass usage, SYSTEM-level scheduled tasks for persistence, and registry-based context-menu modifications that could enable persistent or covert execution. The manifest in Intune-App-Sandbox.psd1 shows garbled/non-ASCII content suggesting encoding obfuscation or corruption. Additionally, uninstall string tampering (I->X) in Uninstall-ProgramScriptTemplate.ps1 could lead to unreliable uninstallation. No hardcoded secrets or explicit credential theft are evident in the provided code. Overall, treat these risky patterns as potential security concerns and audit usage contexts (administrative tooling within a managed environment) to differentiate legitimate admin activity from potential misuse.

Screenshots1 / 2

Swipe to see more

You might also like

PowerShell Module

Wintuner

WinTuner is a tool that lets you take any WinGet app and upload it to Intune in minutes. It automates downloading the installer and logo, generates the intunewin package, creates the required deployment script details, and publishes the app to Intune. It also ships a PowerShell module for automation and includes documentation to guide you through the process.

Stephan van RooijStephan van Rooij
PowerShell Module

IntuneWin32App

A PowerShell module for managing the complete lifecycle of Win32 applications in Microsoft Intune. Features 40+ functions for packaging, publishing, detection rules, requirement rules, assignments, dependencies, and supersedence with support for x64, x86, and ARM64 architectures.

Nickolaj AndersenNickolaj Andersen
Documentation

IntuneAppDoc.com

IntuneAppDoc.com automates creation of comprehensive documentation for Intune-managed apps, serving admins and end users. It extracts app details, deployment steps, and configuration notes to produce ready-to-publish how-to guides and reference materials. Key features include template-based docs, auto-generated step-by-step instructions, and support for common Intune deployment scenarios.

Morten GlimmeMorten Glimme
CLI Tool

AutomaTuner

A Python tool that automates packaging and deploying applications from the Winget repository into Microsoft Intune using WinTuner. Features automated packaging, direct publishing, dependency handling, duplicate detection, and report generation with Azure AD authentication.

Ayoub SekoumAyoub Sekoum