shaheemirza / vmware-exploitation

A bunch of links related to VMware escape exploits


VMware Exploitation

Pull requests are welcome.

Articles

2018, Blackhat Europe: "Straight outta VMware: Modern exploitation of the SVGA device for guest-to-host escape exploits" by Zisis Sialveras [slides]

2018: "CVE-2018-6973 Analysis" by Bruno Botelho [article]

2018: "VMWARE EXPLOITATION THROUGH UNINITIALIZED BUFFERS" by Abdul-Aziz Hariri [article]

2018: "AUTOMATING VMWARE RPC REQUEST SNIFFING" by Abdul-Aziz Hariri [article]

2018, OffensiveCon: "L'art de l'évasion" by Brian Gorenc, Abdul-Aziz Hariri and Jasiel Spelman [video]

2018: "A bunch of Red Pills: VMware Escapes" by Marco Grassi, Azureyang, Jackyxty [article]

2018: "Wandering through the Shady Corners of VMware Workstation/Fusion" [article]

2018, BlueHat: "Straight outta VMware" by Zisis Sialveras [video]

2018, INFILTRATE: "Modern VMWARE Exploitation Techniques" by Brian Gorenc, Jasiel Spelman, Abdul-Aziz Hariri [video]

2017: "VMWARE’S LAUNCH ESCAPE SYSTEM" by Abdul-Aziz Hariri [article]

2017: "Out of The Truman Show: VM escape in VMware gracefully" by Lei Shi and Mei Wang [slides]

2017: "VMWARE ESCAPOLOGY – HOW TO HOUDINI THE HYPERVISOR" by Joshua Smith [article]

2017: "USE-AFTER-SILENCE: EXPLOITING A QUIETLY PATCHED UAF IN VMWARE" by Abdul-Aziz Hariri [article]

2017: "Analyzing a Patch of a Virtual Machine Escape on VMware" by Yakun Zhang [article]

2017, ZeroNights: "LEVERAGING VMWARE'S RPC INTERFACE FOR FUN AND PROFIT" [slides]

2017: "LEVERAGING VMWARE'S RPC INTERFACE FOR FUN AND PROFIT" [slides]

2017: "The Weak Bug - Exploiting a Heap Overflow in VMware" [article]

2017: "How to exploit cve 2017 4901" [article]

2017: "Escape from VMware Workstation by using "Hearthstone"" [slides]

2017, Black Hat Europe: "THE GREAT ESCAPES OF VMWARE: A RETROSPECTIVE CASE STUDY OF VMWARE GUEST-TO-HOST ESCAPE VULNERABILITIES" by Debasish Mandal and Yakun Zhang [slides]

2016: "Windows Metafiles: An Analysis of the EMF Attack Surface & Recent Vulnerabilities" by Mateusz "j00ru" Jurczyk [slides]

2016: "50 Shades Of Fuzzing" by Peter Hlavaty and Marco Grassi [slides]

2015: "Escaping VMware Workstation through COM1" by Kostya Kortchinsky [article]

2008: "CLOUDBURST: A VMware Guest to Host Escape Story" by Kostya Kortchinsky [slides]

2007: "An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments" by Tavis Ormandy [whitepaper]

Exploits

https://www.exploit-db.com/search?q=vmware

https://github.com/unamer/vmware_escape

CTF tasks

Tools

Misc

https://www.vmware.com/security/advisories.html

https://sites.google.com/site/chitchatvmback/backdoor

https://github.com/vmware/open-vm-tools
