https://github.com/BloodHoundAD/SharpHound/blob/master/Sharphound2/Enumeration/LocalGroupHelpers.cs#L748 in a small AD environment will not produce a noticeable impact, but in larger enterprise environments this will generate hugely inefficient LDAP queries that will consume CPU resources and ultimately result in a denial of service on the target server. A better method would be to utilise GPMgmt.GPM (RSAT GPMC tools) which will provide near instant results. I do not have a C# example for you as I am not a C# coder. But I have a PowerShell example.
Below is a side by side of the difference difference between the 2 methods in a test environment. GPMgmt.GPM vs. LDAP is almost 100x quicker. In larger environments the time taken and impact from the inefficient LDAP query will be exponentially worse.
https://github.com/BloodHoundAD/SharpHound/blob/master/Sharphound2/Enumeration/LocalGroupHelpers.cs#L748 in a small AD environment will not produce a noticeable impact, but in larger enterprise environments this will generate hugely inefficient LDAP queries that will consume CPU resources and ultimately result in a denial of service on the target server. A better method would be to utilise GPMgmt.GPM (RSAT GPMC tools) which will provide near instant results. I do not have a C# example for you as I am not a C# coder. But I have a PowerShell example.
Below is a side by side of the difference difference between the 2 methods in a test environment. GPMgmt.GPM vs. LDAP is almost 100x quicker. In larger environments the time taken and impact from the inefficient LDAP query will be exponentially worse.