flowchart LR
subgraph CONFIG["Cloud Configuration"]
IAM[IAM policies]
ROLES[roles + trust policies]
RES[resources: buckets, instances, functions]
NET[network ACLs + paths]
end
CONFIG --> BUILDER[Graph Builder]
BUILDER --> GRAPH[(Graph Store<br/>NetworkX or Neo4j)]
subgraph GRAPH_NODES["Nodes + Edges"]
P1[(Principal: low-priv role A)]
P2[(Principal: role B)]
P3[(Principal: admin role C)]
R1[(Resource: bucket D)]
P1 -->|iam:PassRole| P2
P2 -->|sts:AssumeRole| P3
P3 -->|s3:GetObject| R1
end
GRAPH --> TRAVERSE[Traversal / Query Layer<br/>shortest-path · reachability<br/>21 Rhino methods as edges]
TRAVERSE --> PATH[Attack Path: A → B → C → D]
style BUILDER fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style TRAVERSE fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style PATH fill:#1a1015,stroke:#5eead4,color:#5eead4
Reading: The foundational abstraction. Cloud configuration (IAM, roles, resources, network) is ingested into a graph. Nodes are principals and resources; edges are the permissions and relationships connecting them. The traversal layer runs graph algorithms (shortest-path, reachability) to find chains of edges — escalation paths. The escalation methods (e.g., iam:PassRole + assume) are encoded as edges, so the traversal finds them automatically. This is the BloodHound insight applied to the cloud.
flowchart TB
subgraph PROWLER["Prowler (SDD-04) — Correlation"]
PF1[public bucket finding]
PF2[over-permissioned role finding]
PF3[network path finding]
PF1 --> PREL[correlate related findings]
PF2 --> PREL
PF3 --> PREL
PREL --> POUT[these findings are related<br/>= a path EXISTS]
end
subgraph GRAPH["Attack-Path Tools — Traversal"]
GN[nodes: principals, resources]
GE[edges: permissions, trusts]
GN --> GQ[graph query:<br/>shortest path A → admin?]
GE --> GQ
GQ --> GOUT[the actual chain:<br/>A → B → C → admin<br/>= the escalation steps]
end
PROWLER -.depth: correlation is shallow, traversal is deep.-> GRAPH
style PREL fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style GQ fill:#0d1b2a,stroke:#5eead4,color:#5eead4
Reading: The distinction from SDD-04. Prowler correlates related findings — it tells you a path exists because the findings co-occur. Attack-path tools traverse a graph — they give you the actual chain of edges (the escalation steps). Correlation is accessible (built into the CSPM); traversal is deeper (requires modeling but delivers the specific chain). Prowler's correlation is the starting point; these tools are the depth.
flowchart LR
subgraph RHINO["Rhino Security Labs: 21 AWS IAM Escalation Methods"]
M1[1. iam:PassRole + compute service]
M2[2. sts:AssumeRole on admin role]
M3[3. iam:CreatePolicy to grant self]
M4[4. iam:AttachRolePolicy]
M5["...21 methods total"]
end
RHINO --> ENCODE[pmapper encodes each as a graph edge]
ENCODE --> GRAPH[(IAM Graph)]
GRAPH --> QUERY[query: can principal X escalate?]
QUERY --> PATH[chain of edges:<br/>X → method → Y → method → admin]
style RHINO fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style ENCODE fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style PATH fill:#1a1015,stroke:#5eead4,color:#5eead4
Reading: The detection logic is not re-derived by the tool — it is encoded from human research. Rhino Security Labs cataloged 21 AWS IAM escalation methods (PassRole abuse, AssumeRole chains, CreatePolicy self-grant, etc.). pmapper encodes each as a graph edge: if the permissions exist, the edge exists. The traversal then finds chains of these edges automatically. This is knowledge-as-graph — the expert's escalation playbook, automated by traversal.
flowchart TB
AGENT[Agent harness<br/>CAI (SDD-01) or RedTeamLLM (SDD-02)] --> Q[agent emits tool_use:<br/>find_escalation_paths<br/>principal: roleA]
Q --> WRAPPER[graph-query wrapper<br/>schema-first harness tool]
WRAPPER --> GRAPH[(Attack-Path Graph<br/>pmapper / BloodHound)]
GRAPH --> PATHS[structured paths returned<br/>A → B → C → admin]
PATHS --> AGENT
AGENT --> REASON[agent reasons:<br/>I have credential for A.<br/>Path A→B→C→admin exists.<br/>Attempt the chain (with auth).]
REASON --> VERIFY[verify exploitability live<br/>path was a hypothesis]
style WRAPPER fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style GRAPH fill:#1a1015,stroke:#5eead4,color:#e4e4e8
style VERIFY fill:#2a0d0d,stroke:#5eead4,color:#f08080
Reading: The harness integration. The attack-path tools are analyst-facing (CLI, Cypher); a harness needs a tool the agent calls. The agent emits find_escalation_paths({principal}), the wrapper queries the graph, structured paths return. The agent then reasons: "I have a credential for A, a path exists, let me attempt the chain." The critical last step (red): the path was a hypothesis; live verification (with authorization) confirms exploitability. This is the SDD-01/SDD-02 integration that turns path-finding into offensive reasoning.
# Diagrams — SDD-06: Cloud Attack-Path Tooling
---
## Diagram 1 — The Graph Model (Nodes, Edges, Traversal)
```mermaid
flowchart LR
subgraph CONFIG["Cloud Configuration"]
IAM[IAM policies]
ROLES[roles + trust policies]
RES[resources: buckets, instances, functions]
NET[network ACLs + paths]
end
CONFIG --> BUILDER[Graph Builder]
BUILDER --> GRAPH[(Graph Store<br/>NetworkX or Neo4j)]
subgraph GRAPH_NODES["Nodes + Edges"]
P1[(Principal: low-priv role A)]
P2[(Principal: role B)]
P3[(Principal: admin role C)]
R1[(Resource: bucket D)]
P1 -->|iam:PassRole| P2
P2 -->|sts:AssumeRole| P3
P3 -->|s3:GetObject| R1
end
GRAPH --> TRAVERSE[Traversal / Query Layer<br/>shortest-path · reachability<br/>21 Rhino methods as edges]
TRAVERSE --> PATH[Attack Path: A → B → C → D]
style BUILDER fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style TRAVERSE fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style PATH fill:#1a1015,stroke:#5eead4,color:#5eead4
```
**Reading**: The foundational abstraction. Cloud configuration (IAM, roles, resources, network) is ingested into a graph. Nodes are principals and resources; edges are the permissions and relationships connecting them. The traversal layer runs graph algorithms (shortest-path, reachability) to find chains of edges — escalation paths. The escalation methods (e.g., iam:PassRole + assume) are encoded as edges, so the traversal finds them automatically. This is the BloodHound insight applied to the cloud.
---
## Diagram 2 — Correlation vs Traversal (Prowler vs Attack-Path Tools)
```mermaid
flowchart TB
subgraph PROWLER["Prowler (SDD-04) — Correlation"]
PF1[public bucket finding]
PF2[over-permissioned role finding]
PF3[network path finding]
PF1 --> PREL[correlate related findings]
PF2 --> PREL
PF3 --> PREL
PREL --> POUT[these findings are related<br/>= a path EXISTS]
end
subgraph GRAPH["Attack-Path Tools — Traversal"]
GN[nodes: principals, resources]
GE[edges: permissions, trusts]
GN --> GQ[graph query:<br/>shortest path A → admin?]
GE --> GQ
GQ --> GOUT[the actual chain:<br/>A → B → C → admin<br/>= the escalation steps]
end
PROWLER -.depth: correlation is shallow, traversal is deep.-> GRAPH
style PREL fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style GQ fill:#0d1b2a,stroke:#5eead4,color:#5eead4
```
**Reading**: The distinction from SDD-04. Prowler correlates related findings — it tells you a path exists because the findings co-occur. Attack-path tools traverse a graph — they give you the actual chain of edges (the escalation steps). Correlation is accessible (built into the CSPM); traversal is deeper (requires modeling but delivers the specific chain). Prowler's correlation is the starting point; these tools are the depth.
---
## Diagram 3 — The 21 Rhino Methods as Edges
```mermaid
flowchart LR
subgraph RHINO["Rhino Security Labs: 21 AWS IAM Escalation Methods"]
M1[1. iam:PassRole + compute service]
M2[2. sts:AssumeRole on admin role]
M3[3. iam:CreatePolicy to grant self]
M4[4. iam:AttachRolePolicy]
M5["...21 methods total"]
end
RHINO --> ENCODE[pmapper encodes each as a graph edge]
ENCODE --> GRAPH[(IAM Graph)]
GRAPH --> QUERY[query: can principal X escalate?]
QUERY --> PATH[chain of edges:<br/>X → method → Y → method → admin]
style RHINO fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style ENCODE fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style PATH fill:#1a1015,stroke:#5eead4,color:#5eead4
```
**Reading**: The detection logic is not re-derived by the tool — it is encoded from human research. Rhino Security Labs cataloged 21 AWS IAM escalation methods (PassRole abuse, AssumeRole chains, CreatePolicy self-grant, etc.). pmapper encodes each as a graph edge: if the permissions exist, the edge exists. The traversal then finds chains of these edges automatically. This is knowledge-as-graph — the expert's escalation playbook, automated by traversal.
---
## Diagram 4 — Agent Integration (How a Harness Consumes the Graph)
```mermaid
flowchart TB
AGENT[Agent harness<br/>CAI (SDD-01) or RedTeamLLM (SDD-02)] --> Q[agent emits tool_use:<br/>find_escalation_paths<br/>principal: roleA]
Q --> WRAPPER[graph-query wrapper<br/>schema-first harness tool]
WRAPPER --> GRAPH[(Attack-Path Graph<br/>pmapper / BloodHound)]
GRAPH --> PATHS[structured paths returned<br/>A → B → C → admin]
PATHS --> AGENT
AGENT --> REASON[agent reasons:<br/>I have credential for A.<br/>Path A→B→C→admin exists.<br/>Attempt the chain (with auth).]
REASON --> VERIFY[verify exploitability live<br/>path was a hypothesis]
style WRAPPER fill:#0d1b2a,stroke:#5eead4,color:#5eead4
style GRAPH fill:#1a1015,stroke:#5eead4,color:#e4e4e8
style VERIFY fill:#2a0d0d,stroke:#5eead4,color:#f08080
```
**Reading**: The harness integration. The attack-path tools are analyst-facing (CLI, Cypher); a harness needs a tool the agent calls. The agent emits `find_escalation_paths({principal})`, the wrapper queries the graph, structured paths return. The agent then reasons: "I have a credential for A, a path exists, let me attempt the chain." The critical last step (red): the path was a hypothesis; live verification (with authorization) confirms exploitability. This is the SDD-01/SDD-02 integration that turns path-finding into offensive reasoning.