GitHub

win-ad-replication privilege granted (SecretDump, DCsync).yaml

requirements: auditing SACL "Modify permissions" must be placed on the root domain container (otherwise not visible) using the Active Directory console (https://www ...
GitHub

win-ad-computer account set for RBCD delegation.yaml

description: Detects scenarios where an attacker manipulate a computer object and updates its attribute 'msDS-AllowedToActOnBehalfOfOtherIdentity' to enable a ...