Introducing Pathfinding.cloud

pathfinding.cloud is an open-source knowledge base that documents over 60 AWS IAM privilege escalation paths with prerequisites, exploitation steps, remediation, and tooling coverage. It standardizes each path with unique IDs and machine-readable YAML so security teams and tool authors can identify detection gaps and contribute fixes. #pathfinding.cloud #AWS

Keypoints

  • pathfinding.cloud publishes a standardized, open-source library documenting privilege escalation (PrivEsc) paths in AWS, including prerequisites, attack visualizations, remediation, and detection mappings.
  • The library contains 65 documented paths and highlights that 27 (42%) of those paths are not detected by evaluated open-source tools, leaving significant detection gaps.
  • The project uses a machine-readable YAML schema and exports all entries to a single paths.json to make the data consumable by security tools and scripts.
  • Paths are categorized into five types (Self-Escalation, Principal Access, New PassRole, Existing PassRole, Credential Access) and include distinctions between required and additional permissions.
  • Each path gets a unique ID (e.g., ec2-001, lambda-001) and includes fields for discovery attribution, detectionTools, and learningEnvironments to help practitioners validate coverage and practice exploitation in labs.
  • The site and repository (github.com/DataDog/pathfinding.cloud) invite contributions so researchers and tool authors can add new paths or fix metadata, making privilege escalation coverage more comprehensive and visible.
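As an added illustration of how the machine-readable export described above can be consumed, the script below loads path records, reports which paths no evaluated tool detects (the "detection gap" figure), and checks a role's effective permission set against each path's required permissions. This is example code, not the pathfinding.cloud project's own; the record shape (id, category, requiredPermissions, additionalPermissions, detectionTools) and the sample records are assumed and constructed, so confirm field names against the real paths.json before using it.

```python
"""Detection-gap and reachability report over pathfinding.cloud-style records.

Added example, not code from the pathfinding.cloud project. The record shape
used here is an ASSUMED simplification of the paths.json export; check the
real schema in the repository before pointing this at
https://pathfinding.cloud/paths.json.
"""
import json
from collections import defaultdict
from typing import Optional

# Constructed sample in the assumed shape (permissions and tool names are
# illustrative placeholders, not the library's real entries).
SAMPLE_PATHS_JSON = json.dumps([
    {"id": "ec2-001", "category": "New PassRole",
     "requiredPermissions": ["iam:PassRole", "ec2:RunInstances"],
     "additionalPermissions": [], "detectionTools": ["tool-a"]},
    {"id": "lambda-001", "category": "New PassRole",
     "requiredPermissions": ["iam:PassRole", "lambda:CreateFunction"],
     "additionalPermissions": ["lambda:InvokeFunction"], "detectionTools": ["tool-a", "tool-b"]},
    {"id": "apprunner-001", "category": "Existing PassRole",
     "requiredPermissions": ["apprunner:CreateService"],
     "additionalPermissions": ["apprunner:StartDeployment"], "detectionTools": []},
    {"id": "example-001", "category": "Self-Escalation",
     "requiredPermissions": ["example:PlaceholderAction"],
     "additionalPermissions": [], "detectionTools": []},
])


def detection_gaps(paths_json: str, tools: Optional[set] = None) -> dict:
    """List paths no tool detects (or none of `tools`, if given), per category."""
    paths = json.loads(paths_json)
    undetected = []
    by_category = defaultdict(lambda: {"total": 0, "undetected": 0})
    for p in paths:
        covered = set(p.get("detectionTools", []))
        if tools is not None:          # restrict to the tools you actually run
            covered &= tools
        by_category[p["category"]]["total"] += 1
        if not covered:
            undetected.append(p["id"])
            by_category[p["category"]]["undetected"] += 1
    pct = round(100 * len(undetected) / len(paths)) if paths else 0
    return {"total": len(paths), "undetected": undetected, "pct": pct,
            "byCategory": dict(by_category)}


def reachable_paths(paths_json: str, effective_permissions: set) -> list:
    """IDs of paths whose required permissions a principal already holds;
    additional permissions are optional and are not checked here."""
    return [p["id"] for p in json.loads(paths_json)
            if set(p["requiredPermissions"]) <= effective_permissions]
```

Feed `reachable_paths` the output of an IAM policy simulation or a least-privilege audit, and cross it with `detection_gaps` to find paths a role can take that nothing in your stack would alert on.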

MITRE Techniques

  • [T0000] None – The article does not reference any MITRE ATT&CK technique names or IDs.

Indicators of Compromise

  • [Domain] documentation and contribution endpoints – pathfinding.cloud, github.com/DataDog/pathfinding.cloud
  • [URL] example references and data endpoints – https://pathfinding.cloud/paths.json, https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/
  • [File name] machine-readable artifacts and exports – paths.json, YAML path files (e.g., ec2-001 YAML)
  • [Resource Identifier] path identifiers used within the library – ec2-001, lambda-001 (and other path IDs such as apprunner-001)

Read more: https://securitylabs.datadoghq.com/articles/introducing-pathfinding.cloud/