Back to all tools
PowerShell ModuleAutomation

IntuneDeviceInventory

A PowerShell module with UI for extending Microsoft Intune device management. Adds custom properties to Intune devices, enables bulk operations including device sync and BitLocker key rotation, with both PowerShell module and standalone UI interfaces.

Works with
WindowsGraph APIBitLocker

Security Analysis

5of 6
1 Issue Found

37 files scanned on Jun 11, 2026

Issues Detected
No Obfuscated Code
No base64 encoded commands or hidden scripts
Module file contains non-ASCII characters and what appears to be garbled or encoded content (binary-like). This can hide malicious payloads or indicate integrity issues. Action: verify source integrity, re-export the module with UTF-8 encoding, and sign the module before deployment.
Passed Checks
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

The IntuneDeviceInventory codebase largely aligns with expected Intune/Graph patterns, but there are notable concerns: (1) garbled/encoded module files that obscure content and raise integrity concerns, (2) use of client-secret based Graph authentication which can expose secrets if not stored securely, (3) collection of potentially sensitive device identifiers and tenant details that require governance, and (4) a few questionable error-handling practices. Immediate actions: verify and restore the binary-encoded module files from trusted sources, replace client-secret auth with more secure methods (managed identity/certificates), implement data minimization and encryption for inventory data, and standardize error handling in runbooks. No explicit remote code download/execution was detected, and there are no obvious hardcoded API keys present in the visible code, but ensure all secrets are externalized and signed.

You might also like

Desktop App

Device Offboarding Manager

A PowerShell-based GUI application for streamlined device lifecycle management across Microsoft cloud services. Enables bulk device offboarding from Intune, Autopilot, and Entra ID from a single interface. Features real-time dashboard analytics, stale device tracking, automatic BitLocker and FileVault key retrieval, CSV/TXT import for bulk operations, and pre-built playbooks for automated workflows.

Ugur KocUgur Koc
PowerShell Module

Intune Hydration Kit

A PowerShell module that automates Microsoft Intune tenant setup by deploying 70+ security baselines, 43 dynamic groups, 24 device filters, compliance policies, app protection policies, and Conditional Access policies in a single command. Integrates OpenIntuneBaseline and supports multi-cloud environments.

Jorge SuarezJorge Suarez
PowerShell Module

OSD

A comprehensive PowerShell module for operating system deployment with 400+ functions for WinPE and Windows. Includes OSDCloud for cloud-based deployment, disk management, Windows image operations, driver management for Dell, HP, Lenovo, and Microsoft, BIOS/firmware updates, BitLocker management, and WinPE customization.

David SeguraDavid Segura
PowerShell Module

Entra ID Device Trust

Entra ID Device Trust enables binding Function Apps to Entra ID joined devices by validating requests originate from trusted devices via the device certificate enrolled during device registration. It combines client-side data gathering (signature hash, device CN, public key, thumbprint) with server-side validation, and can be embedded as a module in your Function App or installed as a dependency. The solution supports embedding EntraIDDeviceTrust.Client on clients and EntraIDDeviceTrust.FunctionApp in Function Apps for seamless, enhanced request security.

Nickolaj AndersenNickolaj Andersen