Description : A C# tool to detect a change to the domain admins group membership and notify this activity
Using this tool, I am looking for any change in the Domain Admins group. This tool prints the existing members of domain administrators and notifies on console if there is a new member added to the group. The attack surface is highly dependent on how many administrators are there in a particular domain. It should be limited and contiously monitored for the same reason.
Blogpost Link - https://rootdse.org/posts/monitoring-realtime-activedirectory-domain-scenarios