The long-form argument behind Exploit Paths lives here.
If you want the most complete written version of the model, start with the spine paper. It is the durable explanation of why security work is shifting from isolated findings toward exploit-path construction, middle-layer reasoning, and validation loops.
From Vulnerability Discovery to Exploit Path Construction
Workflow, Primitives, and Validation Loops in Modern Security
This is the most complete current paper in the project: the fullest single explanation of the unit shift, the middle layer, the workflow loop, and the grounded examples that make the model legible.
Paper 1, Draft 5 baseline · April 2026
A serious explanation, not a teaser.
The paper is where the project slows down enough to make the argument explicit. It does the work that shorter surfaces cannot: define terms carefully, separate claims from adjacent prior work, and show why the path is the real unit that matters.
If you are trying to cite the idea, pressure-test the framing, or hand someone the most complete written artifact, this is the right page family to use.
The paper covers five core moves.
- Why findings-first framing breaks down. The paper opens by showing why isolated weaknesses and severity labels do not explain impact well enough on their own.
- Why paths are the better unit of analysis. It reframes the core question around what becomes reachable once capabilities can be composed into working routes.
- How the middle layer connects weaknesses to outcomes. It defines the vocabulary needed to reason from raw findings toward roles, transitions, and stronger states.
- Why validation loops matter more than benchmark theater. It treats validation as the anchor of the workflow, not a final check after reasoning is already finished.
- How grounded public examples make the framework legible. It uses public examples to show the model in practice without pretending the underlying ideas appeared from nowhere.
Not everyone should start with the full paper.
Use the spine paper when you want the complete argument. If you need a faster orientation, a shorter summary, or grounded cases before you commit to the long read, take one of these routes instead.
Read the spine paper
Use the full long-form artifact when you want the most durable and citable version of the current argument.
Open the spine paper
Read the thesis
Use the shorter written articulation when you want the core model without the full paper pacing.
Open the thesis
See grounded cases
Use the public case pages to inspect how the framework maps onto real incidents.
Browse the cases
Open the reference surface
Use the reference layer when you want the vocabulary and concepts outside the paper format.
Open reference