Poor Man's Threat Hunting
Overview This blog is about my solutions to the challenge of session - 2 of the 3 machine session of Auror Project by Sudarshan Pisupati
The challenge is about detecting changes to Active Directory Security Groups and Domain and Local Admins. The challenge overview is given as something as follows:
** There will be 3 machines in this lab - 1 Domain Controller - 1 Server which is designated the “crown jewel” server - 1 machine where you will test your solution designated as your own machine Create and distribute security groups and members - “Server Administrators” is local administrator on crown jewel server - has 5 members - “Server Maintenance” has RDP rights - has 5 members.