Specific detections can largely be found in MITRE ATT&CK Tactics and Techniques

adsecurity.org is a very helpful starting point.

https://adsecurity.org/?page_id=4031

bluteamblog.com

https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem

"A curated list of offensive security tools and their respective commands, to be used against Windows/AD environments"

https://wadcoms.github.io/