Previous

ACL Enum

Access Control List

#Get the ACLs associated with the specified object
Get-ObjectAcl -SamAccountName student1 –ResolveGUIDs

#GenericWrite for all users > under advanced > Write all properties
Get-ObjectAcl -SamAccountName * –ResolveGUIDs | ? { ($
.ActiveDirectoryRights -match 'GenericWrite') -and ($.SecurityIdentifier -match 'S-1-5-21-1070240333-336889418-1185445934-1603') }

#Get ACLS with Invoke Scanner(scans the domain for all interesting abusable permissions)

Invoke-ACLScanner -ResolveGUIDs

Refrerence :- https://medium.com/r3d-buck3t/enumerating-access-controls-in-active-directory-c06e2efa8b89