Awesome-Mirrors
/
awesome-web-security
mirror of https://github.com/qazbnm456/awesome-web-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add 'Tricks of Deserialization' section

This commit is contained in:
Boik 2020-05-09 21:57:57 +08:00
parent 610a6fc26c
commit 22ce6e5cd6
3 changed files with 18 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README-jp.md
View File

@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Web Cache Poisoning](#tricks-web-cache-poisoning)
- [Header Injection](#tricks-header-injection)
- [URL](#tricks-url)
- [Deserialization](#tricks-deserialization)
- [Others](#tricks-others)
- [Browser Exploitation](#browser-exploitation)
- [PoCs](#pocs)
@ -492,6 +493,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
- [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
<a name="tricks-deserialization"></a>
### Deserialization
- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
<a name="tricks-others"></a>
### Others

6
README-zh.md
View File

@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Web Cache Poisoning](#tricks-web-cache-poisoning)
- [Header Injection](#tricks-header-injection)
- [URL](#tricks-url)
- [Deserialization](#tricks-deserialization)
- [Others](#tricks-others)
- [Browser Exploitation](#browser-exploitation)
- [PoCs](#pocs)
@ -523,6 +524,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
- [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
<a name="tricks-deserialization"></a>
### Deserialization
- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
<a name="tricks-others"></a>
### Others

6
README.md
View File

@ -71,6 +71,7 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Web Cache Poisoning](#tricks-web-cache-poisoning)
- [Header Injection](#tricks-header-injection)
- [URL](#tricks-url)
- [Deserialization](#tricks-deserialization)
- [Others](#tricks-others)
- [Browser Exploitation](#browser-exploitation)
- [PoCs](#pocs)
@ -488,6 +489,11 @@ If you enjoy this awesome list and would like to support it, check out my [Patre
- [Unicode Domains are bad and you should feel bad for supporting them](https://www.vgrsec.com/post20170219.html) - Written by [VRGSEC](https://www.vgrsec.com/).
- [[dev.twitter.com] XSS](http://blog.blackfan.ru/2017/09/devtwittercom-xss.html) - Written by [Sergey Bobrov](http://blog.blackfan.ru/).
<a name="tricks-deserialization"></a>
### Deserialization
- [ASP.NET resource files (.RESX) and deserialisation issues](https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/august/aspnet-resource-files-resx-and-deserialisation-issues/) - Written by [@irsdl](https://twitter.com/irsdl).
<a name="tricks-others"></a>
### Others