-
NoSuchMethodError: The method '[]' was called on null http://stackoverflow.com/questions/60106647 …
#api#flutter#deserialization -
Exploiting a deserialization vuln despite a broken class loader in Apache Shiro https://bling.kapsi.fi/blog/jvm-deserialization-broken-classldr.html …
#ApacheShiro#deserialization -
@e_rnst is going to show us some cool exploits and demos of#deserialization@OWASP_Ottawa@BsidesOttawa 2018.pic.twitter.com/hG5S1YwbUa
-
Just wrote a new blog on Exploiting Node.js deserialization bug for Remote Code Execution https://opsecx.com/index.php/2017/02/08/exploiting-node-js-deserialization-bug-for-remote-code-execution/ …
#nodejs#deserialization -
.
@mmolgtm takes a deep dive into past Android#deserialization vulnerabilities that exploited C++ pointers wrapped inside Java objects https://hubs.ly/H0kpNQH0 -
With v6.3.0 (which will come out next week latest & adds some really bad
#deserialization vulnerability) we are officially at 100% "incompliance" with 2017's@OWASPTop10 while staying fully "backward-incompliant" with all previous editions!@owasp@vanderaj@j12934 -
Apache
#Struts - Another Remote Code Execution (#RCE) vulnerability discovered, in commons-fileupload library - do not become "the next Equifax" - patch immediately!#deserialization#CVE-2016-1000031https://www.theregister.co.uk/2018/11/07/flaw_in_apache_struts/ … -
This book, “Writing Secure Code, 2nd ed.”, was published by
@MicrosoftPress in 2003. Just saying.#deserialization pic.twitter.com/tAlb2qqGrt
-
A new
@NCCGroupInfosec blog post: RCE using ASPNET resource files and deserialization + Attacking insecure file uploaders on IIS using .RESX or .RESOURCES files: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/ …#Deserialization#AppSec#BugHunting#BugBounty#ASPNETpic.twitter.com/S7qsbkAxMXPrikaži ovu nit -
Why are
#deserialization vulnerabilities so popular? What is actually causing#deserial vulnerabilities? Read my thoughts here:https://dzone.com/articles/why-are-deserialization-vulnerabilities-so-popular … -
Heading towards
@AtlSecCon! Researchers' teasers: http://blog.gosecure.ca/2016/04/05/on-the-road-to-atlseccon/ …#deserialization#appsec#iot#malwarepic.twitter.com/0fz3tfGnOg
-
How many attack vectors can get you arbitrary code execution on modern Java applications? Here are four found by
@Becojo in different libraries. https://hubs.ly/H0jC7th0#pentest#java#codereview#rce#deserialization#xslt#injection -
5 Ways We Get On Your Network: Web App Vulns https://breakpoint-labs.com/webapp-vulns/
#Deserialization#XSS#Hacking#Pentest#infosec#appsec -
I'm very excited to speak at
@appsecusa on the hot topic of#deserialization: http://sched.co/F04J -
Resharing my writeup on exploiting nodejs deserialization vulnerability. https://securedose.blogspot.com/2018/08/celestial-hack-box.html?m=1 …
#infosec#deserialization#writeups#nodejs -
Excellent and a very detailed,easy to understand writeup on Java
#deserialization#vulnerabilities https://cdn.aws.waratek.com/v2/wp-content/uploads/2016/12/Deserialization-Discussion-Paper-20161206e.pdf … -
In this blog post,
@irsdl shows abuse of XAMLX file capabilities to run commands on a server when such files can be uploaded within an IIS application. https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/august/getting-shell-with-xamlx-files/ …#XAMLX#IIS#deserialization#Infosecpic.twitter.com/Gpt97AsSaj
-
For those who participated to the
@OWASP_Ottawa#Deserialization deep dives claim your badge by going to https://owasp.trendmicro.com and solving the associated challenge. Unlock code Object2018, admin password: 'iloveyou' :)https://api.badgr.io/public/assertions/eGW4dgjRT4qlRwxmsFLh6g … -
Adding some brand new material on
#jwts and different approaches to protect against#deserialization flaws, with@owasp top10 for my class@OWASPMelbourne. Register now if you haven’t already. It’s going to be a lot of fun :)https://appsecday.io/schedule/#session-appsec … -
Result of my research about current situation with
#deserialization vulns in#javascript /#nodejs https://www.acunetix.com/blog/web-security-zone/deserialization-vulnerabilities-attacking-deserialization-in-js/ …#hacking#PenTest
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.