In this talk we provide an overview of insecure object deserialization in Java and .NET and an in-depth look at 2 different cases of these vulnerabilities. In the first part of the talk, we delve into the basics of object serialization and provide insight into why deserialization attack surfaces exist in applications built on