IntuneManagement
A PowerShell application with WPF GUI for managing Microsoft Intune and Azure policies. Features export, import, copy, delete, document, and compare operations across 30+ object types with cross-tenant migration, ADMX import, bulk operations, and automated documentation.
Security Analysis
24 files scanned on Jan 8, 2026
The codebase includes several security concerns related to execution policy bypass and potential data exposure. Key issues: (1) execution policy bypass via -ex bypass in multiple startup wrappers, (2) possible data exfiltration risk from exporting sensitive encryption keys from Intune packages, (3) local credential/token storage using DPAPI with a per-user scope, and (4) UI-hiding mechanisms that could obscure execution. There are no evident hardcoded secrets or confirmed remote code downloads in the provided snippets. Recommendations: remove or restrict the execution policy bypass, restrict and audit encryption-key exporting, ensure strict access control on token caches, and document and limit UI-hiding features with proper auditing.
You might also like
Intune Toolkit
A PowerShell-based GUI solution for managing Microsoft Intune policies. Features Microsoft Graph authentication, multi-platform policy and app management, assignment operations, backup/restore in JSON format, CSV/Markdown export, and comprehensive activity logging.
Device Offboarding Manager
A PowerShell-based GUI application for streamlined device lifecycle management across Microsoft cloud services. Enables bulk device offboarding from Intune, Autopilot, and Entra ID from a single interface. Features real-time dashboard analytics, stale device tracking, automatic BitLocker and FileVault key retrieval, CSV/TXT import for bulk operations, and pre-built playbooks for automated workflows.
IntuneComplianceMaintainer
IntuneComplianceMaintainer is a PowerShell automation script that keeps Microsoft Intune compliance and app-protection policies up to date with the latest supported OS minimums across iOS, iPadOS, macOS, Android, and Windows. It uses endoflife.date and the Graph Windows Update Catalog to drive cadence-based updates, with flexible authentication (Managed Identity, App Registration with certificate or secret, plus Key Vault integration) and safety features like dry-run and downgrade protection. It provides comprehensive logging and built-in retry logic for resilience.
TenuVault
TenuVault is a safe backup and restore solution for Microsoft Intune configurations. It backs up Intune policies to JSON files, detects configuration drift, and restores by creating new policies with a [Restored] prefix - never overwriting existing ones. It supports multiple export formats (JSON, CSV, HTML), full audit logs, and a read-only backup model with preview mode to ensure non-destructive changes.
