Overview
This course teaches students how to identify and exploit insecure deserialization vulnerabilities in Java applications. By the end of the course, learners will be able to create exploits, package them, and achieve remote code execution. The teaching method involves a hands-on approach with practical challenges and demonstrations. This course is intended for individuals interested in cybersecurity, ethical hacking, and Java application security.
Syllabus
- Serial Snyker
- Challenge Explaination
- Challenge Start
- Docker Instance Specs
- Source Code Exploration
- Begin Poking at Website
- Using Snyk
- Searching for insecure deserialization vulnerabilities
- Creating an exploit
- Packaging
- Remote Code Execution!
- Building reverse shell script
- Final thoughts
- Thank You, Snyk
Taught by
John Hammond