BTA is an open-source Active Directory security audit framework. Its goal is to help auditors harvest the information they need to answer such questions as:
Who has rights over a given object (computer, user account, etc.) ?
Who can read a given mailbox ?
Which are the accounts with domain admin rights ?
Who has extended rights (userForceChangePassword, SendAs, etc.) ?
What are the changes done on an AD between two points in time ?
more here...............https://bitbucket.org/iwseclabs/bta
Who has rights over a given object (computer, user account, etc.) ?
Who can read a given mailbox ?
Which are the accounts with domain admin rights ?
Who has extended rights (userForceChangePassword, SendAs, etc.) ?
What are the changes done on an AD between two points in time ?
more here...............https://bitbucket.org/iwseclabs/bta