A collaborative collection of valuable scripts for configuring, managing, and troubleshooting issues with Zero Networks, actively contributed by the community and Zero Networks.
Segment · Connect · Trust Meter · Red & Blue Team Tools
Identity Segment (2)
Add-ClientsToIdentityLearning.ps1 - Get a filtered list of clients ready for Identity Segment Learning and add to learning.
get-currentSVCAccounts.ps1 - Retrieves and processes service accounts that have logged on within a specified number of days.
Segment (31)
install-CloudConnectorAPI.ps1 - install-CloudConnectorAPI.ps1 [[-CloudConnectorFunction] ] [[-CloudConnectorToken] ] [[-CloudConnectorSource] ] []
getSecretMicrosoftAuth.ps1 - getSecretMicrosoftAuth.ps1
checkAdmin.ps1 - checkAdmin.ps1
CollectSMBDetails.ps1 - CollectSMBDetails.ps1
Network Port Connectivity Check.ps1 - Runs a network connectivity test on clients and the Trust Server on the required ports, based on the deployment guide
ZN_Troubleshooter_v01.ps1 - ZN_Troubleshooter_v01.ps1
ZNConnectivityTest.ps1 - ZNConnectivityTest.ps1
Add-AssetsToLearning.ps1 - Add-AssetsToLearning.ps1
Add-AssetsToTagGroup.ps1 - Batch adds assets to a Tag Group
add-ipToCustomGroup.ps1 - add-ipToCustomGroup.ps1 [-IPaddress] [-GroupID] [[-baseUri] ] [-APIKey] []
create-GroupEnv.ps1 - Automates the creation of groups and addition of members via an API, based on a CSV input.
Create-LearnWithBlocks.ps1 - Create-LearnWithBlocks.ps1
CreateOTAssets.ps1 - Simple API Call to add an OT/IoT asset entry to Zero Networks
get-assetAuditDates.ps1 - get-assetAuditDates.ps1
get-AssetsStaleConnection.ps1 - get-AssetsStaleConnection.ps1
Get-NoIPAssets.ps1 - Get-NoIPAssets.ps1
Import-AssetLabels.ps1 - Import-AssetLabels.ps1
Move-ProtectToLearning.ps1 - Move-ProtectToLearning.ps1
set-extendLearning.ps1 - set-extendLearning.ps1
Unprotect-ZNLearningButNotConnected.ps1 - Unprotect-ZNLearningButNotConnected.ps1
Update-ZNGroupMembers.ps1 - Updates Zero Networks custom group members with IP ranges.
New-OtAsset.ps1 - New-OtAsset.ps1 [[-CsvFilePath] ] [[-ApiKey] ] [[-ip] ] [[-fqdn] ] [[-name] ] [-DryRun]
Get-SegmentSimulationBlocks.ps1 - Get-SegmentSimulationBlocks.ps1 -ApiKey [-CsvFilePath ] [-SkipLearningFilter] [-Direction ] [-IgnorePendingRules] [-TrafficType ] [-From ] [-ShowDisabledRules] [-ShowAllowedConnections ] [] Get-SegmentSimulationBlocks.ps1 -ApiKey [-SkipLearningFilter] [-Direction ] [-IgnorePendingRules] [-TrafficType ] [-From ] [-ShowDisabledRules] [-ShowAllowedConnections ] [] Get-SegmentSimulationBlocks.ps1 -ApiKey -AssetId [-SkipLearningFilter] [-Direction ] [-IgnorePendingRules] [-TrafficType ] [-From ] [-ShowDisabledRules] [-ShowAllowedConnections ] []
auditMonitoredAssets.ps1 - This script accepts a CSV of assets which SHOULD be monitored, and queries the ZN API to see if they are showing as monitored.
Parse-AsimilyExport.ps1 - Parses Asimily asset export files and creates OT assets in Zero Networks.
Pin-AssetsToClusters.ps1 - Manages asset-to-deployment-cluster assignments in Zero Networks Segment.
enrollLinuxAsset.ps1 - Reads a CSV of Linux assets (columns matching the ZN API payload) and adds them to the Zero Networks dashboard as manual Linux assets, optionally binding them to a non-default SSH credential profile and/or pinning them to a deployment cluster.
Update-mfaPolicies.ps1 - Audits and optionally updates inbound reactive policies to set useDefaultIdp = true.
Approve-ZNProposedDeletes.ps1 - Simple script to mass accept proposed delete rules
Update-ZNBlockRulewithRiskyIps.ps1 - Update-ZNBlockRulewithRiskyIps.ps1
Update-ZNOutboundBlockfromURLFile.ps1 - Update-ZNOutboundBlockfromURLFile.ps1
Segmentation Server (5)
Add-ZNOutboundRulesProtectGPO.ps1 - Add-ZNOutboundRulesProtectGPO.ps1
breakglass-single.ps1 - breakglass-single.ps1
Get-AuditLogByTimeRange.ps1 - Get-AuditLogByTimeRange.ps1
Logs - Parse WinRM from Trust Server logs and Summarize.ps1 - Sample Script to parse through the trust server logs and summarize the last 1000 entries for quick troubleshooting
znlog-filter.ps1 - Sample Script to parse through the trust server WinRM logs including those that are in zips.
Settings (5)
Add-ZNTrustedInternetAddresses.ps1 - Simple API Call to Trusted Internet IPs
Get-ADGPOsWithFWRules.ps1 - Gets any firewall rules associated with other AD group policies (GPOs)
purgeKerberosOnHosts.ps1 - This script accepts a CSV of remote Windows servers, and runs several commands useful for forcing GPO processing
Login-ZNAADSAML.ps1 - Login-ZNAADSAML.ps1
sample.ps1 - sample.ps1
Break Glass - breakglass.ps1 - This script is used to provide a break glass method in case of issues with Zero Networks Segment.
Cloud Connector (Agent) - install-CloudConnectorAPI.ps1 - Installs or uninstalls the Zero Networks Cloud Connector on Windows systems.
MicrosoftSentinel - deploy.ps1 - Zero Networks -> Microsoft Sentinel log ingestion setup (Az PowerShell).
Examples (4)
Ex1 - Simple scan for open ports on all AD assets.ps1 - Example 1 - Scans for open ports on any AD asset within the Domain
Ex2 - Simple scan for open ports on all AD Assets in Forest.ps1 - Example 2 - Scans for open ports on any AD asset within the AD Forest
Ex3 - Scan an list of IP Ranges.ps1 - Example 3 - Scans for open ports on an AD asset and any IP residing in the provided input IP ranges
Ex4 - Scan for open ports and parse JSON output.ps1 - Example 4 - Scans for open ports on any asset and IP range. After scan, parse JSON results from report
POC - POC_TrustMeter_ScanManagedAssets.ps1 - The purpose of this script is to perform a network port scan on assets managed by Zero Networks.
Find-CommonGroupsForDestination.ps1 - Find-CommonGroupsForDestination.ps1 [-MinUserCount ] [-FromDays ] [-OutputPath ] [-IncludeSourceUsers] [-MaxParallel ] [] Find-CommonGroupsForDestination.ps1 -DestinationFQDN [-MinUserCount ] [-FromDays ] [-OutputPath ] [-IncludeSourceUsers] [-MaxParallel ] [] Find-CommonGroupsForDestination.ps1 -DestinationIP [-MinUserCount ] [-FromDays ] [-OutputPath ] [-IncludeSourceUsers] [-MaxParallel ] []
If you have a script you would like to share with the community or improvements to an existing script, your help is welcome!
- Create a personal fork of the project on GitHub.
- Clone the fork on your local machine. Your remote repo on GitHub is called `origin`.
- Add the original repository as a remote called `upstream`.
- If you created your fork a while ago, be sure to pull upstream changes into your local repository.
- Add your script to an existing folder/subfolder or update an existing script with your improvements.
- Comment the script so others can understand how the code works.
- Commit and push your changes to your remote repo `origin`.
- Submit a pull request so your changes can be reviewed and added to Zero Networks Community Repo.
- Once the pull request is approved and merged, you can pull the changes from `upstream` to your local repo.