Deserialization

Aug 06, 2021 · 9 min read

HackTheBox - Ophiuchi

Deserialization attack on YAML and reversing web assembly

Jun 14, 2021 · 11 min read

Friendly PHP insecure deserialization attack and race condition

Jun 09, 2021 · 12 min read

Chaining XSS, SSRF, and deserialization vulnerabilities to get RCE

May 09, 2021 · 9 min read

Exploiting an insecure deserialization on Jackson library and how to mitigate it

Apr 17, 2021 · 11 min read

LFI to RCE on GitLab 12.8.1~12.9.0