RuleForge
A PowerShell utility for capturing, comparing, and exporting Windows Defender firewall rules for Microsoft Intune deployment. Captures baseline rules, compares post-install changes, and exports to JSON for Intune or CSV formats with interactive menu and CLI modes.
Security Analysis
26 files scanned on Jun 11, 2026
The uninstall script itself is not obfuscated or performing remote code execution, and it contains no credential harvesting or data exfiltration. However, it uninstalls security software and cleans up related startup items, which can create a security gap if performed without proper authorization, auditing, or governance. Recommend requiring explicit admin approval, centralized logging/auditing of uninstall actions, and alignment with Intune/RuleForge governance to avoid unintended removal of protection.
Swipe to see more
You might also like
Autopilot Branding
A PowerShell-based customization tool packaged as an Intune Win32 app for configuring Windows 10/11 devices during Autopilot deployment. Customizes start menu layout, background/theme, time zone, removes built-in apps, installs OneDrive, configures language packs, and manages Windows features.
Feature Update Controller
Feature Update Controller is a remediation package for Microsoft Intune that centralizes Windows feature upgrades with configurable setup, scripts, and custom actions. It generates and manages SetupConfig.ini, prestages Script Modules, and configures Custom Actions to tailor upgrade behavior, including post-install and rollback steps. The solution downloads and applies a manifest.json, stages scripts and actions, and supports updating or removing configurations on devices for a consistent upgrade experience.
IntuneFirewallMigration
IntuneFirewallMigration is a public-preview tool that migrates Group Policy and local firewall rules into Intune as Settings Catalog policies. It supports selecting specific firewall profiles (Domain, Private, Public) and importing only inbound or outbound rules, using Microsoft.Graph.Authentication with Invoke-MgGraphRequest. The script disables telemetry, requires Graph permissions (DeviceManagementConfiguration.ReadWrite.All), and works with PowerShell 5 or 7 to modernize firewall management in Intune.
PowerShell ADMX wizard
PowerShell ADMX Wizard creates custom ADMX/ADML templates from a CSV of registry keys, enabling Windows policies via Intune. It generates GUID-based templates, adds registry entries (STRING, DWORD, BINARY), and logs progress. After creation, upload the ADM/ADML to Intune as Imported ADMX to apply through a configuration profile.
