You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+13Lines changed: 13 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -72,6 +72,19 @@ This performs the same, but restricts the query to start at nodes of type Pod /
72
72
MATCH p = SHORTEST 1 (src)-[r {attack_path: 1}]->+(crb:ClusterRoleBinding)-[:GRANTS_PERMISSION {attack_path: 1}]->(cr:ClusterRole {name: "cluster-admin"}) WHERE (src:ServiceAccount OR src:Pod or src:User or src:Group) RETURN p
73
73
```
74
74
75
+
Using the old `shortestPath` syntax:
76
+
77
+
```cypher
78
+
MATCH (crb:ClusterRoleBinding)-[r:GRANTS_PERMISSION {attack_path: 1}]->(cr:ClusterRole {name: 'cluster-admin'})
79
+
WITH crb, cr, r
80
+
MATCH (src) WHERE src:ServiceAccount OR src:Pod OR src:User or src:Group
81
+
WITH src, crb, cr, r
82
+
UNWIND src as s
83
+
MATCH p=shortestPath((s)-[*]->(crb))
84
+
WHERE all(r in relationships(p) where r.attack_path is not null)
85
+
RETURN p, cr, r
86
+
```
87
+
75
88
## Acknowledgements
76
89
77
90
-[BloodHound](https://github.com/BloodHoundAD/BloodHound) - The original project showing the power of graph databases for security
0 commit comments