If you are managing an enterprise, you’ll undoubtedly run into storage usage concerns. Cloud storage can be relatively expensive. Some good housekeeping is vital. But, how do you determine what to clean up? There are a lot of relevant data points you can use to identify anomalous use/abuse of available storage. I’ve written a script…
Author: paytonflint
Azure – Get Group MFA Registration Info
If you’ve deployed multifactor authentication (MFA) at an enterprise scale, you’ll know it can be fraught with challenges. You may need to deploy to individual departments, or perhaps take a phased approach and deploy in traches. However you end up deciding to do your MFA rollout, you will likely need to specify a target group,…
OSINT – Find Similar Images on the Web
I recently had a unique challenge present itself. A local had shared a screenshot of an image in a social media group I am in. I had the suspicion that this screenshot might have been the entrance to some local caves that I had been to previously. However, since that photo was taken, these caves…
Cloud – Enterprise Gmail Mass-Mailer
If you’ve ever needed to perform mass-mailing operations within an enterprise, you’ll know there are a lot of considerations. Being able to bypass filters and rate limits for different platforms may be necessary to send messages in a timely manner, or to avoid bigger problems. So, if you are using Google Workspace for email, why…
PowerShell – Execute Scriptblock as Current User
Here’s a script I’ve put together that will retrieve the current user sessions from a remote host using psexec.exe. Then, it executes a scriptblock using the current user session context. Simple, but very powerful. I would suggest not running this in an enterprise environment if you would like to stay in your security team’s good…
Cloud – Retrieve Google Drive Contents by User or Drive ID
Recently, a challenge presented itself in migrating a large archive of data from a Google Drive location (frankly, a rather costly storage option) to a local NAS storage device. I have been using PSGSuite to interface with the G Suite products, so I turned to it to see what my options were. I found them…
Cloud – Search and Destroy Malicious Emails From End Users’ G-Suite Mailboxes
If you are using managing an enterprise, you will undoubtedly encounter malicious emails targeting your end users. Ideally, you could delete these messages from within your end users’ mailboxes. Normally, this is a premium feature, but if you have configured your G-Suite environment to use PSGSuite, it can be accomplished with some pretty basic scripting….
IAM – PowerShell – Manual Entra Connect Sync via Script
Recently, the need for others to be able to force a manual sync from on-prem Active Directory (AD) to Entra became apparent. I knew this could be done with PowerShell, so I got to work writing a script. Users that may run this script will need to be in the local ‘ADSyncOperators’ group on your…
Cloud- Synchronize Profile Photos Between Federated Domains (Google, Azure)
Synchronization of profile photos between Google’s G Suite and Azure is not supported by the built-in Azure Provisioning engine. This must be accomplished by some other means. In my case, of course, I look to employ PowerShell for such automation tasks. As a prerequisite, you should have already followed PSGSuite’s intial setup procedure documented on…
Cloud – Synchronizing Disablements Between Federated Domains (Azure, Google)
When configuring provisioning between Azure and Google federated domains, you will likely reference Microsoft’s documentation on configuring their canned provisioning Enterprise Application at https://learn.microsoft.com/en-us/entra/identity/saas-apps/g-suite-provisioning-tutorial. There is more information here as well: https://learn.microsoft.com/en-us/entra/identity/app-provisioning/configure-automatic-user-provisioning-portal. The procedure outlined here will get you started- however, you will quickly realize that disablements are not synchronizing between the two platforms. I…