Remove registry logged on, remove GPCO from high value targets

SharpHound3/Tasks/ConvertToWrapperTasks.cs

@@ -112,8 +112,7 @@ internal static LdapWrapper CreateLdapWrapper(SearchResultEntry searchResultEntr
                         DisplayName = $"{accountName}@{accountDomain}".ToUpper()
                     };
 
-                    if (objectIdentifier.EndsWith("-512") || objectIdentifier.EndsWith("-516") || objectIdentifier.EndsWith("-519") ||
-                        objectIdentifier.EndsWith("-520") || objectIdentifier.EndsWith("S-1-5-32-544") || objectIdentifier.EndsWith("S-1-5-32-550") ||
+                    if (objectIdentifier.EndsWith("-512") || objectIdentifier.EndsWith("-516") || objectIdentifier.EndsWith("-519") || objectIdentifier.EndsWith("S-1-5-32-544") || objectIdentifier.EndsWith("S-1-5-32-550") ||
                         objectIdentifier.EndsWith("S-1-5-32-549") || objectIdentifier.EndsWith("S-1-5-32-551") || objectIdentifier.EndsWith("S-1-5-32-548"))
                     {
                         wrapper.Properties.Add("highvalue", true);

SharpHound3/Tasks/LoggedOnTasks.cs

@@ -32,7 +32,7 @@ internal static async Task<LdapWrapper> ProcessLoggedOn(LdapWrapper wrapper)
                 {
                     var sessions = new List<Session>();
                     sessions.AddRange(await GetLoggedOnUsersAPI(computer));
-                    sessions.AddRange(await GetLoggedOnUsersRegistry(computer));
+                    //sessions.AddRange(await GetLoggedOnUsersRegistry(computer));
                     var temp = computer.Sessions.ToList();
                     temp.AddRange(sessions);
                     computer.Sessions = temp.Distinct().ToArray();