I don't know the exact scope of this project, as I see you are oriented around AD and Azure default groups, but I figured I'd bring it up in case it's interesting. Given that threat actors like Scattered Spider are deliberately targeting VMware environments for ransomware, I think it's important to make sure the world knows that hypervisor services, and the groups and accounts used to manage them, are definitely Tier Zero.
Organizations commonly use AD authentication for vCenter/hypervisor platforms and create custom AD groups (e.g., "VMWare Global Administrators", "vCenter Admins") to grant administrative access to these platforms. When these hypervisor services host domain controllers, which they often do, there are known attack paths for dumping a DC from that position. There are typically also a lot of other Tier Zero services hosted in vSphere they could potentially take control over.
Another known possible tier breach is the "ESX Admins" group that is created if you join ESXi servers to AD (which you absolutely shouldn't do). Upon joining an ESXi host to an AD domain, the "ESX Admins" AD group is automatically granted an ESXi Admin role. There are multiple ways to exploit this. The same article places an emphasis on treating VMware services as Tier 0.
How do you feel about adding non-default groups and services like this in this project?
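As an added audit example (not part of this issue or of the project), the following PowerShell inventories the AD objects the post describes so they can be reviewed as Tier Zero: the "ESX Admins" group and its recursive membership, ESXi computer objects, and custom hypervisor-admin groups. It assumes the RSAT ActiveDirectory module, a domain-joined session with read access, and that ESXi joins populate the computer object's OperatingSystem attribute; the name patterns at the end are assumptions to adapt locally.

```powershell
# Added example, not the project's own code. Assumes the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

# 1. "ESX Admins": with ESXi defaults, every member of this group holds the ESXi Admin role
#    on any domain-joined host, so its membership is Tier Zero and should be reviewed.
$esxAdmins = Get-ADGroup -Filter 'Name -eq "ESX Admins"' -ErrorAction SilentlyContinue
if ($esxAdmins) {
    Write-Host "Found 'ESX Admins' ($($esxAdmins.DistinguishedName)); recursive members:"
    Get-ADGroupMember -Identity $esxAdmins -Recursive |
        Select-Object objectClass, SamAccountName, DistinguishedName |
        Format-Table -AutoSize
} else {
    Write-Host "No 'ESX Admins' group present in this domain."
}

# 2. Domain-joined ESXi hosts appear as computer objects. Assumption: the join sets an
#    OperatingSystem value naming ESXi; verify the attribute value in your own directory.
Write-Host "Computer objects that look like ESXi hosts:"
Get-ADComputer -Filter 'OperatingSystem -like "*ESXi*"' `
    -Properties OperatingSystem, OperatingSystemVersion, LastLogonDate |
    Select-Object Name, OperatingSystem, OperatingSystemVersion, LastLogonDate |
    Format-Table -AutoSize

# 3. Custom hypervisor-admin groups are site-specific (the issue names "VMWare Global
#    Administrators" and "vCenter Admins" as examples). These patterns are assumptions;
#    AD -like matching is case-insensitive, so one spelling per vendor term is enough.
$patterns = @('*vCenter*', '*vSphere*', '*VMware*', '*ESX*', '*Hypervisor*')
$candidates = foreach ($p in $patterns) { Get-ADGroup -Filter "Name -like '$p'" }
Write-Host "Candidate hypervisor-admin groups (review each as Tier Zero):"
$candidates | Sort-Object DistinguishedName -Unique | ForEach-Object {
    [pscustomobject]@{
        Group       = $_.Name
        MemberCount = @(Get-ADGroupMember -Identity $_ -Recursive).Count
        DN          = $_.DistinguishedName
    }
} | Format-Table -AutoSize
```

Run it from a management workstation with a read-only account; the output is an inventory to feed into tiering decisions, not a change to the directory.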