search

A8:2021 | Software and Data Integrity | Insecure Deserialization (1) | Cycubix Docs

hashtag
Concept

This lesson describes what is Serialization and how it can be manipulated to perform tasks that were not the original intent of the developer.

hashtag
Goals

  • The user should have a basic understanding of Java programming language.

  • The user will be able to detect insecure deserialization vulnerabilities.

  • The user will be able to exploit insecure deserialization vulnerabilities.

  • Exploiting deserialization is slightly different in other programming languages such as PHP or Python, but the key concepts learnt here also applies to all of them.

Additional information

If you want to search for Oracle's tools and commands referencer, here is a link arrow-up-rightwhere you will find tools available in Java Development Kit (JDK) including javac (compiler), java (launcher), jar (archive tool), javadoc (documentation generator), and more.

PreviousA8:2021 | Software and Data Integrity | Cycubix DocsNextA8:2021 | Software and Data Integrity | Insecure Deserialization (2) | Cycubix Doc

Last updated

Was this helpful?