Discovering New AWS Privilege Escalation Paths with an AI-Driven Workflow

Seth Art

fwd:cloudsec North America 2026 · Day 1

Seth Art's presentation at fwd:cloudsec dives into an innovative, **AI-driven workflow** designed to identify novel **privilege escalation** (PE) paths within Amazon Web Services (AWS) Identity and Access Management (IAM). As cloud environments become increasingly complex and multi-account, traditional methods of discovering and cataloging vulnerabilities struggle to keep pace. Art, a penetration tester, shares his journey from an initial ambition to build a modular exploitation framework to the creation of an extensive catalog of known paths and, critically, a methodology for uncovering previously unresearched attack vectors.

AI review

Genuine research output: 17 confirmed new AWS privilege escalation paths, a public catalog at pathfinding.cloud, and a reproducible AI-assisted methodology that actually produced results rather than just describing the idea of producing results. The 'AI-driven' framing would normally make me reach for the eject button, but here it's warranted — LLMs were used as a research accelerator for hypothesis generation and validation, not as a marketing veneer on a grep script.
