Back to all tools
Web AppAutomation

Windows LAPS Self‑Service Portal

Windows LAPS Self-Service Portal lets users securely retrieve the LAPS password for their own device without helpdesk tickets. Built on Azure Static Web Apps + Azure Functions and Entra ID, it enforces an only-my-device rule, requires a justification, and auto-hides the password after 60 seconds. Every access is auditable in Azure Table Storage, with a zero-stored-secrets design and Graph access via a Managed Identity.

Created by
D
Daniel Fraubaum
GitHubVisit Website

Security Analysis

6of 6
All Checks Passed

11 files scanned on Jun 11, 2026

No Obfuscated Code
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

The code follows proper authentication and Graph API usage for the Windows LAPS self-service workflow. The primary security concerns relate to privacy/telemetry data exposure (PII in logs and telemetry) and a configuration edge case that can bypass justification length checks due to NaN MIN_JUSTIFICATION. No evidence of remote code execution, credential theft beyond legitimate Graph-based credential access, hardcoded secrets, or malicious patterns. Address privacy controls and fix the justification-length NaN issue to strengthen security posture.

Screenshots1 / 5

Swipe to see more

You might also like

Web App

Intune Drive Mapping Generator

A web-based tool that generates PowerShell scripts for network drive mapping on Intune-managed Windows 10 devices. Converts existing Group Policy drive exports to Intune-compatible scripts, supports security group filtering with nested groups, and enables recurring execution.

Nicola SuterNicola Suter
Web App

IntuneAdminTemplateMigrator

Converts Administrative Template policies to Settings Catalog — reads your existing policies and creates the equivalent Settings Catalog profiles with the same settings and values.

J
Joery Van den Bosch
Web App

NukeTool

Reset your tenant.

jorgeasaurusjorgeasaurus
Web App

OIB Deployer

OIB Deployer automates the deployment of OpenIntuneBaseline configurations within Microsoft Intune, enabling rapid, repeatable rollouts of baseline security policies and device configurations. It supports policy templating, script deployment, and integration with community-provided baseline content, with built-in logging and error reporting for auditability. Ideal for IT admins seeking consistent, scalable endpoint security across devices.

James RobinsonJames Robinson