Goal: Identify attackers attempting privilege escalation and gather information about their techniques.
Approach: Creating enticing but fake privilege escalation vulnerabilities.
Introduce seemingly vulnerable services or configurations that appear to allow privilege escalation. These paths lead to controlled environments or trigger alerts upon exploitation, revealing attacker TTPs.