ELInjection - Search

Users
Tweets

Sam Stepanyan @securestep9

4 Sep 2020

Can you spot a critical #vulnerability in this innocent-looking code? Great research and a blog post from @artsploit & @otavorteppesuig on Spring View Manipulation Vulnerability: #SpringFramework #AppSec #ELInjection #RCE veracode.com/blog/secure-dev…

2

4

Emre Övünç @EmreOvunc

27 Apr 2020

You can reach the presentation I prepared about Expression Language Injection, which is an attack method that we frequently encounter in Red Team activities, below. #ExpressionLanguage #injection #ELInjection #cybersecurity emreovunc.com/projects/Expre…

5

20

Andy Gill

@ZephrFish

6 Apr 2019

Just a short post following an #RCE find from @MantisSTS and I blog.zsec.uk/el-injection-rc… #BugBounty #ELInjection #Java

Leveraging Expression Language Injection (EL/OGNL Injection) for RCE

Expression Language injection or EL Injection for short is an attack vector I'd never heard of until recently. This post talks about leveraging EL for RCE.

1

49

83

14 Sep 2018

Just finished the first run of the 4 day training #AdvancedJavaExploitation by @matthias_kaiser of @codewhitesec and learned loads about #ELInjection, #StrutsExploits, #JavaDeserialization and much more! Thanks for the awesome time!

1

6