New Series

Containment Failure

Five containers that aren't as contained as they look. Linux capabilities, environment leaks, writable bind mounts, exposed Docker sockets, and a cgroups v1 escape — the container security checklist as a lab.

Linux Capabilities Env Var Leak Bind Mount Abuse Docker Socket Escape cgroups v1 Escape
5 Machines
Free No Paywall
Container Focus
0/5 Online Now

The Machines

Five containers. Five escape vectors. Zero actual containment.

Attack Chain

Recommended order of attack.

Start Here
Machine 01
Container Caps
Capabilities
Machine 02
Container Env
Env Leak
Machine 03
Container Mount
Bind Mount
Machine 04
Container Socket
Docker Socket
Machine 05
Container Escape
cgroups v1

Ready to break out?

Five containers. Five escape techniques. Everything a cloud security engineer needs to practice in one series.

Launching 25 July 2026 — container security series covering escape techniques from capabilities to cgroups.