By name: chain-credential-reuse description: Build chains where leaked or weak credentials pivot across services to privileged access. metadata: subdomain: credential-access when_to_use: "credential reuse chain pivot leaked weak password sso oauth across services privileged access"
Chain: Credential Reuse Pivot
Canonical path
- Obtain credential (leak, default, weak hash crack).
- Reuse across adjacent services.
- Escalate privileges and reach crown jewel.
Graph guidance
- Represent creds as
credentialnodes. - Use
auth_asandgrantsedges to model blast radius.