Information gathering AD
cmd
System
User
enumerate all local accounts
enumerate all users in domain
user details
GROUP
enumerate all groups in domain
group details
ACCOUNT
password policy
more about the net command here: https://docs.microsoft.com/en-us/troubleshoot/windows-server/networking/net-commands-on-operating-systems
powershell
get domain
enumerate user
Get-ADUser -Filter * -SearchBase "CN=Users,DC=THMREDTEAM,DC=COM"
Get-ADUser -Filter * -SearchBase "OU=THM,DC=THMREDTEAM,DC=COM"
Get-ADUser -Filter 'Name -like "*stevens"' -Server za.tryhackme.com | Format-Table Name,SamAccountName -A
enumerate groups
enumerate objects
looking for all AD objects that were changed after a specific date
$ChangeDate = New-Object DateTime(2022, 02, 28, 12, 00, 00)
Get-ADObject -Filter 'whenChanged -gt $ChangeDate' -includeDeletedObjects -Server za.tryhackme.com