Posts Tagged: deserialization

In this post we’ll have a closer look at .NET serialization/deserialization attacks. We’ll have a .NET (C#) vulnerable code as an example (inspired by James’s work) and we will walk through it to see where the issue lies. using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Threading.Tasks; using System.Diagnostics; using System.Xml; using System.Xml.Serialization; using… Read Article →

Scroll To Top