Commit 2c6e8ced: Multiple changes

- Check output
- Updated list generation
- Started subdomain takeover check module

Powershell/Lists/ADMusers.ps1

@@ -22,7 +22,7 @@ function Get-ADGroupName ($DN)
 function Get-GroupMemberOf ($ADGroupName)
 {
 if ($ADGroupName -eq "# Developer") {
-break
+return
 }
 $ii++; $a=0
 $Message=""; $Prefix=""
@@ -41,26 +41,29 @@ if ($DNs.count -ne 0)
         $GroupScope = (Get-ADGroup $GroupName -Properties *).GroupScope
        
         $Message="$Prefix $ADGroupName => $GroupName [$GroupCategory - $GroupScope]"
-        Write-Host $Message
+        Write-Output $Message
       
         Get-GroupMemberOf $GroupName '   '
     }# End ForEach
   }# End IF
 }#End Function
 
-function Get-UserMemberships ($ADUser)
+function Get-UserMemberships ($ADUserSID)
 {
 
-$ADUserMembers=(Get-ADUser $ADUser -Properties *).MemberOf
+    $ADUser = Get-ADUser $ADUserSID -Properties *
+$ADUserMembers=$ADUser.MemberOf
 
-Write-Host "AD-User: $ADUser" -ForegroundColor blue 
+$ADUserName = $ADUser.name
+Write-Host "AD-User: $ADUserName"
+Write-Output "AD-User: $ADUserName"
 #PrimaryGroup
-    $ADPrimaryGroupDN = (Get-ADUser  -Properties * -Filter {SamAccountName -eq $ADUser}).PrimaryGroup
+    $ADPrimaryGroupDN = (Get-ADUser  -Properties * -Filter {SID -eq $ADUserSID}).PrimaryGroup
     $ADPrimaryGroupName=(Get-ADGroupName $ADPrimaryGroupDN)
     $ADGroupCategory=(Get-ADGroup $ADPrimaryGroupName).GroupCategory
     $ADGroupScope=(Get-ADGroup $ADPrimaryGroupName).GroupScope
     $Message = "Primary Group: $ADPrimaryGroupName [$ADGroupCategory, $ADGroupScope]"
-    Write-Host $Message -BackgroundColor yellow
+    Write-Output $Message
     
 #Other groups
 foreach ($ADUserMember in $ADUserMembers)
@@ -69,9 +72,9 @@ foreach ($ADUserMember in $ADUserMembers)
     $ADGroupCategory=(Get-ADGroup $ADGroupName).GroupCategory
     $ADGroupScope=(Get-ADGroup $ADGroupName).GroupScope
     $Message = "($i) $ADGroupName [$ADGroupCategory, $ADGroupScope]"
-    Write-Host $Message -ForegroundColor black
+    Write-Output $Message 
    Get-GroupMemberOf $ADGroupName '    '
-   Write-Host " " 
+   Write-Output " " 
 }
 }
 
@@ -79,8 +82,8 @@ function Get-AllMembershipsOfUsers($ADGroupName) {
 
 $devadmaccounts = get-adgroupmember -Identity $ADGroupName -Recursive 
 foreach ($devADM in $devadmaccounts) {
-    Get-UserMemberships $devADM.name 
-       Write-Host "======================================================================================================" 
+    Get-UserMemberships $devADM.SID 
+       Write-Output "======================================================================================================" 
 }
 
 }
@@ -89,8 +92,21 @@ foreach ($devADM in $devadmaccounts) {
 #-----------------------------------------------------------------
 Clear-Host
 
-$ADUser= "DannyADM"
-Get-UserMemberships $ADUser
+#$ADUser= "Qualys"
+#Get-UserMemberships $ADUser
+
+$ADGroupName = "# Developer ADM"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Developer ADM.txt"
+
+$ADGroupName = "Domain Admins"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Domain Admins.txt"
+
+$ADGroupName = "# Developer"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Developer.txt"
+
+$ADGroupName = "# Interne Automatisering Team-Assistent"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Interne Automatisering Team-Assistent.txt"
+
+$ADGroupName = "# Interne Automatisering"
+Get-AllMembershipsOfUsers $ADGroupName | Out-file "2021-06-21 Interne Automatisering.txt"
 
-#$ADGroupName = "# Developer ADM"
-#Get-AllMembershipsOfUsers $ADGroupName 

Powershell/Lists/AzureRBAC.ps1

@@ -0,0 +1,83 @@
+#Connect-AzAccount
+
+class ResourceCheck {
+    [string] $ResourceId = ""
+    [string] $Id = ""
+    [string] $Kind = ""
+    [string] $Location = ""
+    [string] $ResourceName = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceType = ""
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+    [string] $Tag_Delete = ""
+    [string] $Tag_Split = ""
+    [string] $RBAC_RoleAssignmentId = ""
+    [string] $RBAC_Scope = ""
+    [string] $RBAC_DisplayName = ""
+    [string] $RBAC_SignInName = ""
+    [string] $RBAC_RoleDefinitionName = ""
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Creating resource RBAC assignment overview."
+Write-Host "========================================================================================================================================================================"
+
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
+
+$fileName =  "c:\temp\2020-10-21 azure_rbac.csv" 
+$fileExists = Test-Path $fileName
+If ($fileExists -eq $True) {
+    Remove-Item $fileName 
+}
+
+foreach ($subscription in $subscriptions) 
+{
+Set-AzContext -SubscriptionId $subscription.Id
+
+    $allResources = Get-AzResource 
+    
+    foreach ($resource in $allResources) {
+
+        [ResourceCheck[]]$Result = @()
+
+        try {
+            $roleAssignments = Get-AzRoleAssignment -ResourceGroupName $resource.ResourceGroupName -ResourceName $resource.ResourceName -ResourceType $resource.ResourceType # | Where-Object Scope -EQ "/"
+
+            foreach($roleAssignment in $roleAssignments) {
+            [ResourceCheck] $resourceCheck = [ResourceCheck]::new()
+                $resourceCheck.ResourceId = $resource.ResourceId
+                $resourceCheck.Id = $resource.Id
+                $resourceCheck.Kind = $resource.Kind
+                $resourceCheck.Location = $resource.Location
+                $resourceCheck.ResourceName = $resource.ResourceName
+                $resourceCheck.ResourceGroupName = $resource.ResourceGroupName
+                $resourceCheck.ResourceType = $resource.ResourceType
+                $resourceCheck.SubscriptionId = $subscription.Id
+                $resourceCheck.SubscriptionName = $subscription.Name
+                $resourceCheck.Tag_Team = $resource.Tags.team
+                $resourceCheck.Tag_Product = $resource.Tags.product
+                $resourceCheck.Tag_Environment = $resource.Tags.environment
+                $resourceCheck.Tag_Data = $resource.Tags.data
+                $resourceCheck.Tag_Delete = $resource.Tags.delete
+                $resourceCheck.Tag_Split = $resource.Tags.split
+                $resourceCheck.RBAC_RoleAssignmentId = $roleAssignment.RoleAssignmentId
+                $resourceCheck.RBAC_Scope = $roleAssignment.Scope
+                $resourceCheck.RBAC_DisplayName = $roleAssignment.DisplayName
+                $resourceCheck.RBAC_SignInName = $roleAssignment.SignInName
+                $resourceCheck.RBAC_RoleDefinitionName = $roleAssignment.RoleDefinitionName
+                
+                $Result += $resourceCheck
+                }
+        } catch {
+        }
+        $Result | Export-Csv -Path $fileName -Append -NoTypeInformation
+    }
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Done."

Powershell/Lists/Certificates.ps1

@@ -1,8 +1,8 @@
 #Connect-AzAccount
 
-$fileName =  ".\azure_appservice_certificates.csv" 
+$fileName =  ".\2020-12-23 azure_appservice_certificates (3).csv" 
 
-$subscriptions = Get-AzSubscription
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
 
 class CertificateCheck {
     [string] $SubscriptionId = ""
@@ -18,74 +18,61 @@ class CertificateCheck {
 [CertificateCheck[]]$Result = @()
 
 $StartDate=(GET-DATE)
+[CertificateCheck[]]$Result = @()
 foreach ($subscription in $subscriptions)
 {
     Set-AzContext -SubscriptionId $subscription.Id
 
-    $certs = Get-AzResource -ResourceType Microsoft.Web/certificates 
+    $certs = Get-AzResource -ResourceType Microsoft.Web/certificates -ExpandProperties -ApiVersion 2018-02-01 | Select * -Expand Properties 
     foreach ($cert in $certs) 
     {    
         $id = $cert.Id
-        $thumbprint = ($cert.Name.Split([char]"#", [char]"-"))[0]
-
-        Write-Host "Certificate $id"
-
+        
         [CertificateCheck] $certificateCheck = [CertificateCheck]::new()
 
         $certificateCheck.SubscriptionId = $subscription.Id
         $certificateCheck.CertificateId = $id
-        $certificateCheck.ThumbPrint = $thumbprint
+        $certificateCheck.ThumbPrint = $cert.Properties.thumbprint
         $certificateCheck.ResourceGroupName = $cert.ResourceGroupName
 
-        $Result += $certificateCheck
-
-    }
-}
-
-$Result | Export-Csv -Path $fileName -NoTypeInformation -Force
-
-$fileName =  ".\azure_appservice_certificates_1.csv" 
-
-foreach ($certificateCheck in $Result) 
-{ 
-    try 
-    {
-        Set-AzContext -SubscriptionId $certificateCheck.SubscriptionId
-
-        $thumbprint = $certificateCheck.ThumbPrint
-        Write-Host "thumbprint: $thumbprint"
-
-        $certificate = Get-AzWebAppCertificate -ResourceGroupName $certificateCheck.ResourceGroupName -Thumbprint $thumbprint -debug -verbose
-
-        if ($null -eq $certificate) 
+        try 
         {
-            $certificateCheck.Comment = "Could not find certificate"
-        } 
-        else 
-        {
-            try 
-            { 
-                $subjectname = $certificate.SubjectName
-                $certificateCheck.SubjectName = $subjectname
+            $thumbprint = $certificateCheck.ThumbPrint
 
-                Write-Host "Subject name: $subjectname"
+            $certificate = Get-AzWebAppCertificate -ResourceGroupName $certificateCheck.ResourceGroupName -Thumbprint $thumbprint -debug -verbose
 
-                $EndDate=[datetime]$certificate.ExpirationDate
-                $certificateCheck.ExpirationDate = $EndDate
-                $span = NEW-TIMESPAN –Start $StartDate –End $EndDate
-                $certificateCheck.TotalDays = $span.TotalDays
-            }
-            catch {
-                $certificateCheck.Comment = "Could not find expiry for certificate"
+            if ($null -eq $certificate) 
+            {
+                $certificateCheck.Comment = "Could not find certificate"
+            } 
+            else 
+            {
+                try 
+                { 
+                    $subjectname = $certificate.SubjectName
+                    $certificateCheck.SubjectName = $subjectname
+
+                    Write-Host "Subject name: $subjectname"
+
+                    $EndDate=[datetime]$certificate.ExpirationDate
+                    $certificateCheck.ExpirationDate = $EndDate
+                    $span = NEW-TIMESPAN –Start $StartDate –End $EndDate
+                    $certificateCheck.TotalDays = $span.TotalDays
+                }
+                catch {
+                    $certificateCheck.Comment = "Could not find expiry for certificate"
+                }
             }
         }
-    }
-    catch 
-    {
-        $certificateCheck.Comment = "Could not load certificate"
+        catch 
+        {
+            $certificateCheck.Comment = "Could not load certificate"
+        }
+
+        $Result += $certificateCheck
     }
 }
- 
+
 $Result | Export-Csv -Path $fileName -NoTypeInformation -Force
 
 $Result | ft

Powershell/Lists/Policies.ps1

@@ -0,0 +1,42 @@
+#Connect-AzAccount
+
+class ResourceCheck {
+    [string] $ResourceId = ""
+    [string] $Id = ""
+    [string] $Kind = ""
+    [string] $Location = ""
+    [string] $ResourceName = ""
+    [string] $ResourceGroupName = ""
+    [string] $ResourceType = ""
+    [string] $SubscriptionId = ""
+    [string] $SubscriptionName = ""
+    [string] $Tag_Team = ""
+    [string] $Tag_Product = ""
+    [string] $Tag_Environment = ""
+    [string] $Tag_Data = ""
+    [string] $Tag_Delete = ""
+    [string] $Tag_Split = ""
+}
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Creating policy assignment overview."
+Write-Host "========================================================================================================================================================================"
+
+# $subscriptions = Get-AzSubscription
+
+# $fileName =  "c:\temp\2020-08-12 azure_policies.csv" 
+# rm $fileName
+
+# foreach ($subscription in $subscriptions) 
+# {
+# Set-AzContext -SubscriptionId $subscription.Id
+
+#     $allAssignments = Get-AzPolicyAssignment
+#     $allAssignments | Export-Csv -Path $fileName -Append -NoTypeInformation
+# }
+
+$fileName =  "c:\temp\2020-08-14 azure_policiy_definitions.csv" 
+Get-AzPolicyDefinition -Builtin  | Export-Csv -Path $fileName -NoTypeInformation
+
+Write-Host "========================================================================================================================================================================"
+Write-Host "Done."

Powershell/Lists/Resources.ps1

@@ -22,9 +22,9 @@ Write-Host "====================================================================
 Write-Host "Creating resource overview."
 Write-Host "========================================================================================================================================================================"
 
-$subscriptions = Get-AzSubscription
+$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
 
-$fileName =  "c:\temp\2020-07-07 azure_resources.csv" 
+$fileName =  "c:\temp\2021-01-19 azure_resources.csv" 
 rm $fileName
 
 foreach ($subscription in $subscriptions)