This is a practical reference for breaking out of Docker containers, LXC, or Kubernetes pods when you're already inside and need host access. It covers the standard escape vectors: privileged containers, capability abuse (CAP_SYS_ADMIN, CAP_SYS_PTRACE), Docker socket exploitation, cgroup release_agent tricks, and namespace manipulation. The guide includes working commands for each technique, from simple nsenter escalation to cgroup v1 release_agent chains and runtime CVEs like runc 5736. It also flags when to pivot to related skills for privilege escalation inside the container first or Kubernetes-specific attacks. Good for red team work or understanding what makes a container configuration dangerous. The detection section helps confirm you're containerized before trying escape techniques.
npx skills add https://github.com/yaklang/hack-skills --skill container-escape-techniques