The Cyber Threat Perspective
Step into the ever-evolving world of cybersecurity with the offensive security group from SecurIT360. We’re bringing you fresh content from our journeys into penetration testing, threat research and various other interesting topics.
brad@securit360.com
The Cyber Threat Perspective
Episode 173: How to Find Insecure Active Directory Permissions with ADeleg
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
How do you find insecure permissions in Active Directory before they turn into attack paths?
In this episode, we take a practical look at how to identify insecure Active Directory permissions using ADeleg, a free security tool trusted by penetration testers.
Misconfigured delegation and overly permissive access rights are a common source of risk in Active Directory environments. These gaps can create hidden attack paths—but many teams don’t know where to look or how to interpret what they’re seeing.
In this episode, we cover:
- How to identify insecure permissions in Active Directory
- What to look for in high-risk users and groups like Domain Users, Everyone, and Authenticated Users
- How these misconfigurations translate into real-world attack paths
- How to use ADeleg to analyze delegated permissions and uncover hidden risk
We also include a reference to ADeleginator, a related tool that can help automate parts of this process using PowerShell. While this episode focuses on hands-on analysis with ADeleg, ADeleginator is a useful companion for scaling this work.
Tools referenced:
ADeleg: https://github.com/mtth-bfft/adeleg
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer's Links: https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.
