6๏ธโฃACLs Enumeration
Get the ACL's associated with the specified object
Get-ObjectACL -SamAccountName <accountname> -ResolveGUIDSGet the ACL's associated with the specified prefix to be used for search
Get-ObjectACL -ADSprefix โCN=Administrator,CN=Usersโ -VerboseGet the ACL's associated with the specified path
Get-PathAcl -Path \\<Domain controller>\sysvolSearch for interesting ACL's
Invoke-ACLScanner -ResolveGUIDs
Invoke-ACLScanner -ResolveGUIDs | select IdentityReference, ObjectDN, ActiveDirectoryRights | flSearch of interesting ACL's for the current user
Invoke-ACLScanner | Where-Object {$_.IdentityReference โeq [System.Security.Principal.WindowsIdentity]::GetCurrent().Name}Last updated