Security Descriptors

ACL

Powerview find all user that can dcsync

Get-DomainObjectAcl "<dc=dev,dc=testlab,dc=local>" -ResolveGUIDs | ? {
        ($_.ObjectType -match 'replication-get') -or ($_.ActiveDirectoryRights -match 'GenericAll')
}

Get ACL for a specific object

Get-DomainObjectAcl -Identity <user | SID> [-Verbose] | ? {$_.ActiveDirectoryRights -eq "<GenericAll>"}

List ACL for the current user

Invoke-ACLScanner | Where-Object {$_.IdentityReference -eq [System.Security.Principal.WindowsIdentity]::GetCurrent().Name}