Active Directory Investigation
Active Directory Investigation playbook provides tools and guidance to investigate changes and manipulation in Active Directory containers, ACLs, Schema, and objects. This playbook uses a 3rd party tool provided by Microsoft to scan the Active Directory access list, trees, and objects. Additional investigative information is provided for manual investigation.
Active Directory Query · 10 tasks · 0 inputs · 0 outputs
Commands used
ad-disable-account
setIncident