Module container_escape 

Container escape artifact detection.

Detects processes that may have escaped container namespace isolation by comparing mount namespace pointers against the init task’s namespace (MITRE ATT&CK T1611 — Escape to Host).

Re-exports

pub use crate::heuristics::classify_container_escape;

Structs

ContainerEscapeInfo

Information about a process exhibiting container escape indicators.

Functions

walk_container_escape

Walk all tasks and report container escape indicators.