IntuneDeviceInventory
A PowerShell module with UI for extending Microsoft Intune device management. Adds custom properties to Intune devices, enables bulk operations including device sync and BitLocker key rotation, with both PowerShell module and standalone UI interfaces.
Security Analysis
37 files scanned on Jan 8, 2026
The IntuneDeviceInventory codebase includes notable security concerns: an obfuscated/binary-like module header that impedes code review; a runtime-logic bug with an inappropriate break; hard-coded Azure App ID/permissions; local credential storage with potential leak risk and plaintext exposure in memory; destructive operations without safeguards; and potential exposure of sensitive device notes via backups. While there is legitimate admin tooling value, these issues should be addressed by refactoring for transparency, parameterization, safer secret handling, and protective prompts to reduce risk.
You might also like
Device Offboarding Manager
A PowerShell-based GUI application for streamlined device lifecycle management across Microsoft cloud services. Enables bulk device offboarding from Intune, Autopilot, and Entra ID from a single interface. Features real-time dashboard analytics, stale device tracking, automatic BitLocker and FileVault key retrieval, CSV/TXT import for bulk operations, and pre-built playbooks for automated workflows.
Ugur KocIntune Hydration Kit
A PowerShell module that automates Microsoft Intune tenant setup by deploying 70+ security baselines, 43 dynamic groups, 24 device filters, compliance policies, app protection policies, and Conditional Access policies in a single command. Integrates OpenIntuneBaseline and supports multi-cloud environments.
Jorge SuarezOSD
A comprehensive PowerShell module for operating system deployment with 400+ functions for WinPE and Windows. Includes OSDCloud for cloud-based deployment, disk management, Windows image operations, driver management for Dell, HP, Lenovo, and Microsoft, BIOS/firmware updates, BitLocker management, and WinPE customization.
David SeguraEntra ID Device Trust
Entra ID Device Trust enables binding Function Apps to Entra ID joined devices by validating requests originate from trusted devices via the device certificate enrolled during device registration. It combines client-side data gathering (signature hash, device CN, public key, thumbprint) with server-side validation, and can be embedded as a module in your Function App or installed as a dependency. The solution supports embedding EntraIDDeviceTrust.Client on clients and EntraIDDeviceTrust.FunctionApp in Function Apps for seamless, enhanced request security.
Nickolaj Andersen