Attack Paths and Misconfigurations
Section focus: Attack Paths and Misconfigurations.
Best use: start with the section map below, then move into the deeper pages that match your role or stack.
Design note: this index was refreshed to act as a cleaner GitBook landing page instead of a plain directory listing.
Start with these pages
| Page | Why open it first |
|---|---|
| ๐ Cloud Attack Chains Overview | High-value page inside Attack Paths and Misconfigurations. |
| ๐ง AWS Cloud Attack Chains | High-value page inside Attack Paths and Misconfigurations. |
| ๐ฆ Azure Cloud Attack Chains | High-value page inside Attack Paths and Misconfigurations. |
| ๐จ GCP Cloud Attack Chains | High-value page inside Attack Paths and Misconfigurations. |
| โธ๏ธ Kubernetes Attack Chains for Defensive Preparation | High-value page for teams preparing for a pentest or platform hardening pass. |
Related sections
Intro: This section translates posture problems into real attacker sequences. The point is not to be dramatic. The point is to show how a small mistake in identity, metadata, storage, CI/CD, or runtime hardening becomes a larger incident when the attacker chains steps together.
What this page includes
- a cross-cloud view of common attack patterns
- deeper provider-specific chains for AWS, Azure, and GCP
- practical hunting pivots and containment priorities
- links back to the baselines that should break the chain early
Core pages
- ๐ Cloud Attack Chains Overview
- ๐ง AWS Cloud Attack Chains
- ๐ฆ Azure Cloud Attack Chains
- ๐จ GCP Cloud Attack Chains
- โธ๏ธ Kubernetes Attack Chains for Defensive Preparation
How to use this section
Use these pages in three ways:
- Threat modeling: start with the attacker path, then ask which control would have broken the sequence first.
- Control validation: compare your identity, logging, and segmentation defaults against the chains on these pages.
- Incident response: when you already know the initial foothold, use the chain tables to predict the next two or three likely moves.