YoVDO

New Exploit Technique in Java Deserialization Attack

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Vulnerability Analysis Courses Java Security Courses

Course Description

Overview

Explore a groundbreaking exploit technique in Java deserialization attacks presented at Black Hat. Delve into the findings from an extensive analysis of over 10,000 Java third-party libraries, uncovering vulnerabilities applicable to real-world attack scenarios. Learn about the principles and exploitation techniques behind these vulnerabilities, and discover how to compromise target servers using this novel approach. Understand how this technique not only enhances the impact of Java deserialization vulnerabilities but also amplifies other Java security issues. Discuss the far-reaching implications of this attack vector in the field of Java security. This 51-minute conference talk, delivered by Yongtao Wang, Lucas Zhang, and Kunzhe Chai, offers valuable insights for security professionals and Java developers alike.

Syllabus

New Exploit Technique In Java Deserialization Attack


Taught by

Black Hat

Related Courses

Hardening Java's Access Control by Abolishing Implicit Privilege Elevation
IEEE via YouTube
BaRMIe - Poking Java’s Back Door
44CON Information Security Conference via YouTube
Penetration Testing Considered Harmful
44CON Information Security Conference via YouTube
An In-Depth Study of More Than Ten Years of Java Exploitation
Association for Computing Machinery (ACM) via YouTube
Finding and Exploiting Novel Flaws in Java Software
SyScan360 via YouTube