eXtreme Vulnerable Node Application (XVNA) – Insecure nodejs deserialization
In this post we’ll have a look at the nodejs deserialization attack/exploit in XVNA (eXtreme Vulnerable Node Application). Insecure deserialization is part of the OWASP Top 10 list that was published in 2017. We’ll use the setup detailed here (XVNA…