Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
-
Updated
Jun 13, 2020 - JavaScript
#
sandbox-escape
Here are 16 public repositories matching this topic...
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
angularjs security exploit tool xss xss-scanners vulnerability-scanners angularjs-sandbox-escape sandbox-escape angularjs-csti-scanner
-
Updated
Oct 20, 2021 - Python
PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write.
-
Updated
Apr 8, 2022 - HTML
Glass Cage is a zero-click PNG-based RCE chain in iOS 18.2.1, bypassing LockDown mode protection by exploiting ImageIO (CVE-2025-43300), then WebKit(CVE-2025-24201) and Core Media(CVE-2025-24085) to achieve sandbox escape, kernel-level access, and device bricking. Triggered via iMessage, it enables full compromise with no user interaction.
ios rce imessage privilege-escalation zeroday kernel-exploit sandbox-escape zero-click cve-2025-24085 cve-2025-24201
-
Updated
Jan 11, 2026
Tribell Edge Sandbox Escape - PoCs of Edge's legacy vulnerabilities BadgeUpdateManager / TileFlyoutUpdateManager / ToastNotificationManager to exploit cross-boundary XmlDocument sharing and escape Edge’s LPAC sandbox (CVE-2019-0555).
-
Updated
Aug 3, 2025 - JavaScript
This is a POC of a sandbox escape by found by Siguza. Works up to iOS 13.4.1.
-
Updated
May 1, 2020 - Objective-C
Check if your sandbox can be escaped.
docker cli security benchmarking sandbox sandboxing pentesting isolation security-tools devsecops ai-agents sandbox-escape container-security ai-security gvisor firecracker microvm escape-detection ai-agent llm-security
-
Updated
May 31, 2026 - Go
Professional exploit for CVE-2024-28397: Js2Py Sandbox Escape leading to Remote Code Execution (RCE). Includes modular payload generation.
-
Updated
Feb 4, 2026 - Python
Hands-on Android offensive security labs focused on real-world exploitation and system internals.
reverse-engineering penetration-testing android-security mobile-security offensive-security security-research sandbox-escape red-teaming android-exploitation
-
Updated
Jan 22, 2026
Technical analysis and Proof of Concept (PoC) regarding environment variable exfiltration in containerized cloud sandboxes via side-channel data leaks.
aws-lambda cybersecurity poc cloud-security responsible-disclosure sandbox-escape vulnerability-research
-
Updated
Apr 16, 2026
Generate weaponized PDF and Excel files to test browser document-rendering XSS and sandbox-escape defenses — 100+ research-based payloads across Chrome, Firefox, Safari, Edge & Office 365 Web. For authorized testing only.
python pdf excel xss penetration-testing appsec offensive-security payloads security-testing sandbox-escape browser-security
-
Updated
May 5, 2026 - Python
Validating DNS Exfiltration and Python Pickle RCE Attack Chains in AI Code Execution Sandboxes
python rce security-research dns-exfiltration sandbox-escape ai-security chatgpt llm-security pickle-deserialization
-
Updated
May 8, 2026 - Python
March 26th, 2026 submissions closed May 8th, 2026. Google's official threat release on May 11th, 2026 has multiple issues described almost word for word as my March 26th, 2026 VRP submissions. Plus, I used the exploit to document
bug-bounty sandbox-escape ai-security metadata-proxy security-report prompt-injection llm-safety google-vrp p1-verification stt-bypass jwt-exfiltration researcher-ripped-off vrp-fraud-proof
-
Updated
Jun 14, 2026
A simple lab created for testing CSTI vulnerability in AngularJS version 1.0.8, 1.3.20 and 1.5.8 using Sandbox Escape.
-
Updated
May 26, 2021 - PHP
Verify sandbox security by running a static binary to detect escape vectors across container, VM, and namespace isolation boundaries.
docker cli security benchmarking sandbox isolation devsecops sandbox-escape container-security gvisor microvm escape-detection ai-agent
-
Updated
Jun 16, 2026 - Go
Improve this page
Add a description, image, and links to the sandbox-escape topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the sandbox-escape topic, visit your repo's landing page and select "manage topics."