Published in The Startup

Deserialization Bugs in the Wild

A totally unscientific analysis of deserialization vulns found in the wild

Pickles are great! Until they lead to RCE.

What is insecure deserialization?

Serialization is a process during which an object in a programming language (say, a Java object) is converted into a format that can be saved to the database or transferred over a network. Whereas…
Vickie Li

Professional investigator of nerdy stuff. Hacks and secures. Creates god awful infographics.