Enumerating groups
Understanding which user accounts are part of which group is very valuable information for an attacker. Through this, they can quickly understand whether certain accounts might have access to other computers.
But this is also a task that blue teamers should pursue on a regular basis; often, systems and access rights are not hardened enough, so it is valuable to understand which users are part of which AD group and to adjust it.
In the longer term, it also makes sense to implement monitoring to immediately get alerted if an AD group membership changes that was not intended.
To get started enumerating your AD groups, I have written a simple script for you, which displays the groups, as well as their members: https://github.com/PacktPublishing/PowerShell-Automation-and-Scripting-for-Cybersecurity/blob/master/Chapter06/Get-UsersAndGroups.ps1.
Once you’ve downloaded the script, you can either use it and progress the output further as a PowerShell object...
