awesome-vm-exploit
github.com/winmin/awesome-vm-exploit
Share some useful archives about VM and QEMU escape exploits.
What's inside
CTFs
- 0CTF 2017 - QEMU Escape
- Escaping a VirtualBox VM in 48 Hours - A 0day Journey in a CTF
- HITB 2017 - babyqemu
- RealWorld CTF - state-of-the-art_vm
- RWCTF 3rd - BoxEscape (VirtualBox 6.1)
VMware / ESXi / Fusion
- A Bunch of Red Pills: VMware Escapes (Keen Lab)
- Bugs of Yore: A Bug Hunting Journey on VMware's Hypervisor (Black Hat USA 2024)
- CVE-2022-31705: GeekPwn 2022 VMware EHCI OOB
- On the Clock: Escaping VMware Workstation at Pwn2Own Berlin 2025 - PVSCSI Heap Overflow (Synacktiv)
- The Great Escapes of VMware: A Retrospective Case Study of G2H Escape Vulnerabilities (Black Hat EU 2017)
- The Great VM Escape - ESXicape: CVE-2025-22224/22225/22226 Exploit Chain (Huntress)
Parallels Desktop
- Advanced Exploitation of Simple Bugs - A Parallels Desktop Case Study (Pwn2Own 2021)
- CVE-2023-27326: Parallels Desktop Toolgate Vulnerability
VirtualBox
- Analysis of VirtualBox CVE-2023-21987 and CVE-2023-21991 - VGA & TPM OOB (Pwn2Own 2023) [Writeup and Exploit]
- CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own (ZDI) [Writeup and Exploit]
- Escaping VirtualBox 6.1 [Writeup and Exploit]
- Oracle VirtualBox < 5.1.30 / < 5.2-rc1 - Guest to Host Escape [Writeup and Exploit]
- Thinking Outside the VirtualBox - Pwn2Own 2018 Vulnerability Analysis [Writeup and Exploit]
- VirtualBox 5.2.6.r120293 - VM Escape [Writeup and Exploit]
Hyper-V
- Awesome Hyper-V Exploitation - Resource List
- CVE-2023-36427: Windows Hyper-V Elevation of Privilege Vulnerability
- CVE-2025-21333: Hyper-V NT Kernel Integration VSP Heap Overflow - SYSTEM Privilege Escalation
- CVE-2025-48822: Hyper-V DDA (Discrete Device Assignment) OOB Read - Local Code Execution
Docker / Container
- CDK - Zero Dependency Container Penetration Toolkit [Tools]
- Docker Escape Technology (CanSecWest 2016) [Background]
- Docker Container Escape Case Analysis [Writeup and Exploit]
- Escaping Docker Container Using waitid - CVE-2017-5123 [Writeup and Exploit]
- Leaky Vessels: CVE-2024-21626 runc Container Breakout (Snyk) [Writeup and Exploit]
  Wiz Deep Dive / Static Detector
- NVIDIA Container Toolkit CVE-2024-0132 Container Escape Deep Dive (Wiz) [Writeup and Exploit]
QEMU
- CVE-2020-14364 QEMU Escape Vulnerability Analysis
- From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow (OtterSec)
  Exploit
- QEMU Escape Analysis - CVE-2015-7504 and CVE-2015-7512
- QEMU Escape Exploits Collection
- QEMU-KVM and ESXi VM Escape Case Studies - 360 Vulcan Team
- Resurrecting Zombies: DMA Reentrancy in QEMU (HITB 2023)
Showing a sample of 46 resources. View the full list on GitHub.