focused tool to search and audit msDS-AllowedToActOnBehalfOfOtherIdentity attributes in Active Directory — detecting RBCD misconfigurations, Kerberos delegation risks, and privilege escalation paths.
active-directory rbcd rbcd-delegation-auditor resource-based-attack-surface active-directory-triage-tool kerberos-delegation-inspector privilege-escalation-discovery-logic rbcd-vulnerability-scanner-pro ad-constrained-delegation-logic directory-services-security-audit automated-ad-path-finder
-
Updated
Apr 29, 2026 - C#