Twitter | Search | |
Search Refresh
Ajin Abraham 9 Feb 17
Just wrote a new blog on Exploiting Node.js deserialization bug for Remote Code Execution
Reply Retweet Like
Otto Ebeling 7 Jul 17
Exploiting a deserialization vuln despite a broken class loader in Apache Shiro
Reply Retweet Like
Alexei Kojenov 13 Jun 18
I'm very excited to speak at on the hot topic of :
Reply Retweet Like
ozzi 1 Jun 18
Reply Retweet Like
Soroush Dalili 2 Aug 18
A new blog post: RCE using ASPNET resource files and deserialization + Attacking insecure file uploaders on IIS using .RESX or .RESOURCES files:
Reply Retweet Like
Estrada Web Group 5 Sep 18
Reply Retweet Like
Aleksei Tiurin 19 Jun 18
Result of my research about current situation with vulns in /
Reply Retweet Like
Alvaro Muñoz 1 Jan 14
Replying to @DinisCruz
Not in depth but these presentations are a must read: and
Reply Retweet Like
Paul Ionescu 8 Nov 18
is going to show us some cool exploits and demos of 2018.
Reply Retweet Like
Rishu Ranjan Ghosh Sep 20
Reply Retweet Like
BreakPoint Labs 24 Oct 16
Reply Retweet Like
Antonio Sanso 11 Nov 15
gist of the vulnerability taken directly from presentation /(no Proxy used)
Reply Retweet Like
x30r #NoWhere Aug 17
Resharing my writeup on exploiting nodejs deserialization vulnerability.
Reply Retweet Like
Paul Ionescu 26 Jul 18
For those who participated to the deep dives claim your badge by going to and solving the associated challenge. Unlock code Object2018, admin password: 'iloveyou' :)
Reply Retweet Like
Apostolos Giannakidis Apr 19
19 different enterprise products were patched against a 3-year-old RCE vulnerability.
Reply Retweet Like
M. Kornowski 11 Nov 14
Reply Retweet Like
Juha-Matti Laurio 10 Dec 15
Reply Retweet Like
Black Flag Security 18 Sep 17
Reply Retweet Like
Waratek 25 May 17
Heuristics-free approach to Deserialization protection
Reply Retweet Like
Soroush Dalili 11 Sep 18
This could also affect SharePoint, more details to come later
Reply Retweet Like