Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only! Grab it Explore the untapped offensive landscape of Active Directory (AD) object discretionary access control lists (DACLs) in this Black Hat conference talk. Delve into how control relationships between AD objects align with the "attackers think in graphs" philosophy, exposing a new class of control edges that expand paths to domain compromise. Learn about elevation vs. persistence techniques, targeting various AD objects, and understanding AD generic and control rights. Discover stealthy primitives, hidden DCSync backdoors, and the implications for tools like LAPS. Examine the impact on event logs, replication metadata, and potential future developments in this critical area of cybersecurity.