TwelveSec Blog - Pentesting Java Clients using Burp & JDSer-DComp
Java Deserialization — From Discovery to Reverse Shell on Limited Environments | by Francesco Soncina (phra) | ABN AMRO — Red Team | Medium
Insecure Deserialization in Python | Redfox Security
Java Deserialization — From Discovery to Reverse Shell on Limited Environments | by Francesco Soncina (phra) | ABN AMRO — Red Team | Medium
GitHub - federicodotta/Java-Deserialization-Scanner: All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
Statement of work
Red-Team: Java Deserialization — From Discovery to Reverse Shell on Limited Environments | by ABN AMRO | ABN AMRO Developer Blog | Medium
5 Common BurpSuite Extension | Automation for deserialization - Securium Solutions
Exploiting Insecure Deserialization | by IBM PTC Security | Medium
Find vulnerabilities using Software Vulnerability Scanner BurpSuite extension and Wappalyzer - YouTube
java-deserialization-scanner/README.md at master · PortSwigger/java- deserialization-scanner · GitHub
Java Deserialization — From Discovery to Reverse Shell on Limited Environments | by Francesco Soncina (phra) | ABN AMRO — Red Team | Medium
Exploiting a Java Deserialization Vulnerability using Burp Suite - YouTube
dotnet-deserialization-scanner/BurpExtender.java at master · pwntester/dotnet-deserialization-scanner · GitHub
Java DNS Deserialization, GadgetProbe and Java Deserialization Scanner - HackTricks
GitHub - federicodotta/Java-Deserialization-Scanner: All-in-one plugin for Burp Suite for the detection and the exploitation of Java deserialization vulnerabilities
Java Deserialization — From Discovery to Reverse Shell on Limited Environments — mov ax,bx