
Summary
This analytic rule detects use of the `Adsisearcher` type accelerator in PowerShell scripts to query Active Directory for domain computers, which can indicate reconnaissance activity. Using PowerShell Script Block Logging (EventCode=4104), it inspects logged script blocks for the keyword `adsisearcher`, the LDAP filter `objectcategory=computer`, and a call to `FindAll()` or `FindOne()`. Such a query may indicate that a threat actor or Red Team is enumerating domain configuration and resources in preparation for further exploitation or lateral movement within the network. The rule's effectiveness hinges on PowerShell Script Block Logging being enabled across endpoints; without it, these queries are not recorded and cannot be detected.
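As an added illustration, not the rule's own search logic or any vendor code, the following Python applies the three indicators from the summary to constructed EventCode 4104 records and filters out events outside the rule's scope. Field names, hostnames, SIDs and script contents are assumptions made for this example.

```python
import re
from typing import Dict, Iterable, List

# Constructed sample records modelled on PowerShell Script Block Logging (EventCode 4104).
# Field names, hostnames, SIDs and script text are assumptions for this example.
SAMPLE_EVENTS = [
    {"EventCode": 4104, "Computer": "ws01.example.local", "UserID": "S-1-5-21-1111-2222-3333-1104",
     "ScriptBlockText": "$s = [adsisearcher]'(objectCategory=computer)'; $s.FindAll() | % { $_.Properties.name }"},
    {"EventCode": 4104, "Computer": "ws02.example.local", "UserID": "S-1-5-21-1111-2222-3333-1105",
     "ScriptBlockText": "([adsisearcher]\"(&(objectcategory=user)(samaccountname=jdoe))\").FindOne()"},
    {"EventCode": 4104, "Computer": "ws03.example.local", "UserID": "S-1-5-21-1111-2222-3333-1106",
     "ScriptBlockText": "Get-Content C:\\logs\\app.log | Select-String 'error'"},
    # Same query text but logged as a 4103 (pipeline) event: out of scope for this rule.
    {"EventCode": 4103, "Computer": "ws01.example.local", "UserID": "S-1-5-21-1111-2222-3333-1104",
     "ScriptBlockText": "([adsisearcher]'(objectCategory=computer)').FindAll()"},
]

# The three indicators named in the rule summary. PowerShell is case-insensitive and
# tolerates whitespace around '=' and before '(', so the patterns allow for both.
ADSISEARCHER = re.compile(r"adsisearcher", re.IGNORECASE)
COMPUTER_FILTER = re.compile(r"objectcategory\s*=\s*computer", re.IGNORECASE)
FIND_METHOD = re.compile(r"\.find(?:all|one)\s*\(\s*\)", re.IGNORECASE)


def is_domain_computer_query(script_block: str) -> bool:
    """True when a script block carries all three indicators from the rule."""
    return bool(ADSISEARCHER.search(script_block)
                and COMPUTER_FILTER.search(script_block)
                and FIND_METHOD.search(script_block))


def detect(events: Iterable[Dict]) -> List[Dict]:
    """Apply the rule to EventCode 4104 records only; return hits enriched for triage."""
    hits = []
    for ev in events:
        if ev.get("EventCode") != 4104:
            continue  # only Script Block Logging events are in scope
        text = ev.get("ScriptBlockText", "")
        if is_domain_computer_query(text):
            hits.append({"Computer": ev["Computer"], "UserID": ev["UserID"],
                         "ScriptBlockText": text})
    return hits


if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(f"{hit['Computer']} {hit['UserID']}: {hit['ScriptBlockText']}")
```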
Categories
- Endpoint
Data Sources
- Pod
- User Account
ATT&CK Techniques
- T1018
- T1087.002
Created: 2024-11-13