47 likes, 2235 views

Insecure Deserialization | OWASP Top 10

Thank you for watching the video:
Insecure Deserialization | OWASP Top 10

Join me to learn what serialization and deserialization are, and to understand in depth what insecure deserialization is.

We will also discuss penetration-testing tips and tools (Java Serial Killer, Burp) for discovering and exploiting the vulnerability. We will also look at ysoserial, a proof-of-concept tool, to understand the vulnerability, and finally at ways to prevent it.

00:00 - Intro
00:22 - What is insecure deserialization
01:55 - Serialization & deserialization process
02:57 - Proof of concept (ysoserial)
04:12 - Pentest tips
05:00 - Java serial killer
05:47 - Freddy
06:29 - Preventing deserialization vulnerability

ABOUT OUR CHANNEL📜
Cyber Security is a non-profit initiative taken by security professionals. Here we are uploading a series of videos to learn and get expertise in various domains of security. We are teaching tools, techniques, and methods which can be used on penetration testing assignments.

📌CHECK OUT OUR OTHER VIDEOS
▶️ Advanced File Upload Exploit | Double Extension
   • Advanced File Upload Exploit | Double Exte...  
▶️ OWASP ZAP For Beginners | Form Authentication
   • OWASP ZAP For Beginners | Form Authentication  
▶️ HTTP Security Headers | Part 02
   • HTTP Security Headers | X-Frame-Options an...  

FOLLOW US ON SOCIAL
▶️Security Blog
bhaumikshah04.blogspot.com/
▶️Facebook
www.facebook.com/InfoSecForStarters

Java Serial Killer - github.com/NetSPI/JavaSerialKiller

Java Deserialization Scanner - github.com/federicodotta/Java-Deserialization-Scan…

Freddy - portswigger.net/bappstore/ae1cce0c6d6c47528b4af35f…

Ysoserial - github.com/frohoff/ysoserial
