Keyword: AWH

Tool Release: Serialized Payload Generator

TL;DR: Our “Serialized Payload Generation” tool, originally launched in 2021, is...

Automating Pentests for Applications with Integrity Checks using Burp Suite Custom Extension

During one of our recent web application penetration testing assignments, @reals...

Exploiting ViewState Deserialization using Blacklist3r and YSoSerial.Net

In this blog post, Sanjay talks of various test cases to exploit ASP.NET ViewSta...

Out of Band Exploitation (OOB) CheatSheet

Introduction: Out-Of-Band (OOB) technique provides an attacker with an alternati...

Anatomy of a Hack: SQLi via Crypto

Cryptography has various advantages including confidentiality of information. Ho...

Remote code execution via PHP [Unserialize]

At NotSoSecure, we conduct Pen Test/ Code Reviews on a day-to-day basis and we r...

Latest articles

Tool Release: Serialized Payload Generator

Webinar: Hacking LLM Applications- latest research & insights from our LLM pen testing projects

ECDSA Nonce Reuse Attack

Bypassing Hardened Android Applications

Path Traversal to Remote Code Execution

NotSoCereal-Lab: A Deserialization exploit playground

Speak to our experts about your needs today