PowerView is easier to use but at the cost of getting detected. Using existing built in tools keeps you as near to offsec as possible and ADSI is almost very hard to detect. And ADSI isn't really that hard to use. Bit of ldap query knowledge + Accelerator is all you need
Yes, I know, as mentioned I built training material around that specific topic. But I would argue that if you're going to "keep as near to opsec as possible" that you should drop PowerShell and use DirectorySearcher in .NET or a C++ solution.
And I was just chiming in as to why people used it, and I stand by my personal opinion that there's minimal advantage of using the PS ADSI accelerators over a (IOC stripped) version of PowerView because both are exposed to the standard PowerShell security features
本文始发于微信公众号（天御攻防实验室）：红队攻防揭秘 - 作战安全（OPSEC）