ALFA-Chains: AI-Supported Discovery of Privilege Escalation and Remote Exploit Chains
Published: Apr 9, 2025
Last Updated: Apr 9, 2025
Authors:Miguel Tulla, Andrea Vignali, Christian Colon, Giancarlo Sperli, Simon Pietro Romano, Masataro Asai, Una-May O'Reilly, Erik Hemberg
Abstract
We present ALFA-Chains, a novel method capable of discovering chains of known Privilege Escalation (PE) and Remote exploits in a network. It can assist in penetration-testing without being tied to any specific penetration-testing framework. We test ALFA-Chains' ability to find exploit chains in networks ranging from 3 to 200 hosts. It can discover a chain in a 20 host network in as little as 0.01 seconds. More importantly, it is able to discover 12 novel exploit chains in a realistic firewalled network. We demonstrate the execution of one of these chains, proving ALFA-Chains' capability to improve penetration-testing.