Publication
Aug 11, 2022
All Roads Lead to GKE's Host: 4+ Ways to Escape
Four distinct escape paths from Google Kubernetes Engine pods to the underlying host — a study in how container isolation assumptions break down.
Four distinct escape paths from Google Kubernetes Engine pods to the underlying host — a study in how container isolation assumptions break down.
A researcher's account of hunting macOS kernel vulnerabilities — methodology, dead ends, and the bugs that made it through.
How a subtle JIT compiler optimization error in V8 became an exploitable vulnerability — CVE-2021-30599 dissected.
A practical primer on manual source code review — how to read code like an attacker and find what automated tools miss.
A practical case study in hunting and exploiting VM escape vulnerabilities in VirtualBox.
Chaining VM escape and elevation-of-privilege vulnerabilities into a full compromise — a case study from competition and research.