Published in The Startup

Deserialization Bugs in the Wild

A totally unscientific analysis of deserialization vulns found in the wild

Pickles are great! Until they lead to RCE.

What is insecure deserialization?

Serialization is a process during which an object in a programming language (say, a Java object) is converted into a format that can be saved to the database or transferred over a network. Whereas…

Vickie Li

Professional investigator of nerdy stuff. Hacks and secures. Creates god awful infographics. https://twitter.com/vickieli7