← LibraryTechnique entry
AD-GROUP-BACKUPOPPrivilege Escalation
Backup Operators → DC takeover
SeBackupPrivilege bypass NTFS perms — copy NTDS.dit and SYSTEM hive offline.
§ Where this technique fits
AD-GROUP-BACKUPOP is catalogued under the Privilege Escalation tactic of the offensive-security kill-chain. It appears in 0 approved dossiers in the registry, typically.