What is virtualception
– blog about research of virtual security
– some scripts for post-exploitation of virtual environments (vSphere only currently)
For installing SDKs and tools for starting penetration testing or own research start reading here:
Why is it important
An attacker who is able to gain administrative access to a virtual environment has found the golden pot. Virtual machines are not safe from further exploitation. Often virtual environments can be found not configured in a secure maner and might be exploited in various ways.
To get an idea see also: