A8 - Insecure Deserialization | Cycubix Docs

This lesson describes what is Serialization and how it can be manipulated to perform tasks that were not the original intent of the developer.


  • The user should have a basic understanding of Java programming language

  • The user will be able to detect insecure deserialization vulnerabilities

  • The user will be able to exploit insecure deserialization vulnerabilities

  • Exploiting deserialization is slightly different in other programming languages such as PHP or Python, but the key concepts learnt here also applies to all of them

Last updated