Just completed the "Tony the Tiger" room on @tryhackme! Learned about Java deserialization—new for me. Great experience! 🚀 #TryHackMe #CyberSecurity #JavaDeserialization #CTF #Learn

More fun content from my fellow Labs researcher Thomas Hendrickson. This is a fun read if you're looking for how to handle some fairly restrictive payload size requirements as part of Java deserialization exploitation. #thornsftp #rce #cve202347174 #javadeserialization #ysoserial

Ermir - An Evil Java RMI Registry bit.ly/3WnUada #Ermir #java #JavaDeserialization #Wrapper #Ysoserial

Ermir - An Evil Java RMI Registry bit.ly/3WnUada #Ermir #java #JavaDeserialization #Wrapper #Ysoserial

Ermir - An Evil Java RMI Registry dlvr.it/Sbxphg #Ermir #java #JavaDeserialization #Wrapper #Ysoserial via KitPloit

@wabafet1 and I made a exploit for the Vcenter AMF Deserialization . Full #Analysis Available here - @AttackerKb attackerkb.com/topics/5nZX40… #exploit - github.com/dorkerdevil/LongT… #JavaDeserialization

Gososerial - Dynamically Generates Ysoserial’s Payload #JavaDeserialization #Gososerial #Payload #Ysoserial #SecurityTools #Pentesting @Emrullah_A @D3pak @ADITYASHENDE17 reconshell.com/gososerial-dy…

5-minute countdown! Will we see you there? syn.ac/3t5txuo #crowdsourcedsecurity #javadeserialization #java #cyber #cybersecurity #ethicalhacking #synacksecure #synack

RMIScout - Wordlist And Bruteforce Strategies To Enumerate Java RMI Functions And Exploit RMI Parameter Unmarshalling Vulnerabilities feedproxy.google.com/~r/Pent… #Bruteforce #BruteforceAttacks #Bruteforcing #Java #JavaDeserialization #JavaRMI

Just finished the first run of the 4 day training #AdvancedJavaExploitation by @matthias_kaiser of @codewhitesec and learned loads about #ELInjection, #StrutsExploits, #JavaDeserialization and much more! Thanks for the awesome time!