Path Finder Search Strings

VulnToHighValue

Display paths starting with a vulnerability and resulting in the compromise of a high-value target

VulnToAzBuiltinsL5

Display paths starting with a vulnerability and resulting in the compromise of Azure's most privileged roles. ["Global Administrator", "Privileged Role Administrator", "Privileged Authentication Administrator", "Azure AD Joined Device Local Administrator"]

VulnToAzBuiltinsL4

Display paths starting with a vulnerability and resulting in the compromise of Azure's second most privileged roles - ["Application Administrator","Authentication Administrator","Authentication Policy Administrator","Azure DevOps Administrator","B2C IEF Keyset Administrator","Cloud Application Administrator","Cloud Device Administrator","Directory Synchronization Accounts","Exchange Administrator","External Identity Provider Administrator","Helpdesk Administrator","Hybrid Identity Administrator","Intune Administrator","Partner Tier1 Support","Partner Tier2 Support","Password Administrator","Security Administrator","Security Operator","User Administrator","Windows 365 Administrator"]

AnyToDomain

Display any path that results in the compromise of a Domain

VulnToDC

Display paths starting with a vulnerability that results in the compromise of a Domain Controller

VulnToEA

Display paths starting with a vulnerability that results in the compromise of an Enterprise Administrator

AuthUToHighValue

Display paths starting with an authentication compromise and resulting in the compromise of a high-value target

VulnToDA

Display paths starting with a vulnerability and resulting in compromise of Domain Admin

VulnToBIM

Display paths starting with a vulnerability and resulting in the compromise of a Business Impact Matrix prioritized device