Quote
Finding misconfigs in Active Directory is freeā¦outside of your time.
Here are 9 of my favorite tools (all free):
Overall - PingCastle/PurpleKnight Permissions - ADeleg/ADeleginator
*Attack paths - BloodHound Applocker - Applocker Inspector*ADCS - Locksmith Logon scripts - ScriptSentry*GPO - GPOZaurr
*= utterly biased, tools I made