analyzing-active-directory-acl-abuse
CommunityIdentify dangerous AD ACL misconfigurations.
AuthorAcczdy
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Analyzing Active Directory ACLs to identify dangerous permissions granted to non-admin principals, enabling rapid detection of risky configurations.
Core Features & Use Cases
- Parses AD security descriptors from nTSecurityDescriptor using ldap3 and maps SIDs to human-readable principals.
- Detects dangerous ACEs such as GenericAll, WriteDACL, and WriteOwner on high-value or critical objects (Domain Admins, GPOs, etc.).
- Produces a structured remediation JSON report suitable for incident response, threat hunting, and compliance validation.
Quick Start
Run the analyzer against your AD environment to scan AD objects for dangerous ACLs and generate a remediation JSON report.
Dependency Matrix
Required Modules
ldap3
Components
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: analyzing-active-directory-acl-abuse Download link: https://github.com/Acczdy/MoZiSec/archive/main.zip#analyzing-active-directory-acl-abuse Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.