Hello
Interest in tooling being used to investigate ACLs in AD and in particular those that are considered risky, such as reset password, WriteOwner and AllExtendedRights.
I'm aware of ACL Scanner, ACLight and Sharphound plus paid for Gold Finger. Are many using these in production under non privileged accounts or typically run against an offline copy?
Also, anyone know if Gold Finger is endorse by Microsoft.
Thanks
