Active Directory
Specific detections can largely be found in the MITRE ATT&CK Tactics and Techniques.
adsecurity.org is a very helpful starting point.
https://adsecurity.org/?page_id=4031
blueteamblog.com
https://blueteamblog.com/18-ways-to-detect-malcious-actions-in-your-active-directory-logs-using-siem
"A curated list of offensive security tools and their respective commands, to be used against Windows/AD environments"