Articles: Web Application Security: Understanding Java deserialization

This commit is contained in:
pe3zx 2018-05-31 15:17:20 +07:00
parent bbf80a4b84
commit 9dbfae0ee8

View File

@ -709,6 +709,7 @@ _return-to-libc techniques_
#### Web Application Security: Technique: Serialization/Deserialization #### Web Application Security: Technique: Serialization/Deserialization
- [Understanding Java deserialization](https://nytrosecurity.com/2018/05/30/understanding-java-deserialization/)
- [Why You Should Never Pass Untrusted Data to Unserialize When Writing PHP Code](https://www.netsparker.com/blog/web-security/untrusted-data-unserialize-php/) - [Why You Should Never Pass Untrusted Data to Unserialize When Writing PHP Code](https://www.netsparker.com/blog/web-security/untrusted-data-unserialize-php/)
#### Web Application Security: Technique: SQL Injection #### Web Application Security: Technique: SQL Injection