GitHub

win-ad-computer account set for RBCD delegation.yaml

description: Detects scenarios where an attacker manipulate a computer object and updates its attribute 'msDS-AllowedToActOnBehalfOfOtherIdentity' to enable a ...
GitHub

win-ad-share access with administrator forged Golden Ticket.yaml

description: Detects scenarios where an attacker used a forged Golden ticket to login on a remote shared folder. Per default or if specified, the ticket will be forged using the builtin administrator ...