Attacking Virtual Machines and Containers
Virtual machines (VMs) and containers are both potential targets for penetration testers, but compromising the underlying hypervisor or container host is an even more desirable goal. After all, if you can take over the underlying system, you can then seize control of many virtual machines or containers! The concept of sandbox escape is key to this, as compromising the underlying system requires either access to that system or the ability to escape from the virtual machine or container to attack the system they are running on—thus, escaping the sandbox.