A Look at Group Policy Attack Paths
In today’s technological landscape, Active Directory (AD) is a constant attack point for attackers. There are multiple reasons for this, including ease of misconfiguration and the fact that Active Directory contains all users, computers, and their permissions. A common vector of attack against Active Directory is via group policy. Group policy can be used as a very effective direct or indirect method of executing remote code, modifying security settings, changing user permissions, and much more.