If you’re looking for things to practice or do, I’d really recommend you go through Corelan’s exploit writing tutorial/series or something like it instead of trying to do everything in your own self-made sandbox. There will be gotchas that you won’t know how to deal with unless you go through a tutorial that can warn you about them and help you avoid them.
I did the corelan tutorials along with fuzzy one, except browwser & kernel exploitation because I need some more free time to practice but I would like to host my own self-made sandbox… how can I setup for windows 10 instead of windows xp , 7 ?
Get a windows internals book? I personally don’t know what the differences are on a very low level but if you’ve gone through all the corelan stuff and you’re not doing kernel hacking then it should be more or less the same across the board.
Exploiting a browser and escaping their respective sandboxes has nothing to with the kernel…The kernel sits several layers below a web browser, it has no concept of what a web browser is.
This is not to say that you couldn’t cause affects that impact the way a browser behaves from the kernel, I’m just saying you don’t need to know kernel exploitation/kernel development to successfully exploit popular browsers