- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Web Application Pentesting | Insecure deserialization [Arabic]
في هذا المقطع تكلمت عن المشكلة الأمنية رقم CWE-502
المفهوم برمجياً، وصف الثغرة برمجياً، كيفية استغلالها، وما خطورتها.
التوقيت :
00:00 Intro
00:48 Serialization & Deserialization Theory
01:13 Insecure deserialization Theory
02:25 Serialization & Deserialization Demo
05:39 CWE-502 Vuln-Code & Exploit Demo
15:25 Labs & Writeups
مصادر :
https://cwe.mitre.org/data/definitions/502.html
https://hackerone.com/hacktivity/cwe_discovery?id=CWE-502
https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization
https://www.php.net/manual/en/function.serialize.php
https://www.php.net/manual/en/function.unserialize.php
https://portswigger.net/web-security/deserialization
Видео Web Application Pentesting | Insecure deserialization [Arabic] канала 0xrush
المفهوم برمجياً، وصف الثغرة برمجياً، كيفية استغلالها، وما خطورتها.
التوقيت :
00:00 Intro
00:48 Serialization & Deserialization Theory
01:13 Insecure deserialization Theory
02:25 Serialization & Deserialization Demo
05:39 CWE-502 Vuln-Code & Exploit Demo
15:25 Labs & Writeups
مصادر :
https://cwe.mitre.org/data/definitions/502.html
https://hackerone.com/hacktivity/cwe_discovery?id=CWE-502
https://owasp.org/www-project-top-ten/2017/A8_2017-Insecure_Deserialization
https://www.php.net/manual/en/function.serialize.php
https://www.php.net/manual/en/function.unserialize.php
https://portswigger.net/web-security/deserialization
Видео Web Application Pentesting | Insecure deserialization [Arabic] канала 0xrush
Комментарии отсутствуют
Информация о видео
30 октября 2025 г. 18:56:36
00:20:40
Другие видео канала
![iOS Penetration Testing 101 [Arabic]](https://i.ytimg.com/vi/6zH91gtQq2U/default.jpg)
iOS Penetration Testing 101 [Arabic]
Linux RT | Exploitation Logrotate TocTou Race Condition For R-RCE
![Linux System Programming in C | internals/Sockets [Arabic]](https://i.ytimg.com/vi/sQ-GO-YiEjw/default.jpg)
Linux System Programming in C | internals/Sockets [Arabic]
![Red Teaming Operations | Windows Persistence 101 [Arabic]](https://i.ytimg.com/vi/D2P_pjcO92I/default.jpg)
Red Teaming Operations | Windows Persistence 101 [Arabic]
![Web Application Pentesting | JS Obfuscation & Deobfuscation [Arabic]](https://i.ytimg.com/vi/dWeJ5cjJsw0/default.jpg)
Web Application Pentesting | JS Obfuscation & Deobfuscation [Arabic]
Understanding Linux Processes And Implementing Them in C
![Linux Privilege Escalation 101 [Arabic]](https://i.ytimg.com/vi/vbkbTsgIB6s/default.jpg)
Linux Privilege Escalation 101 [Arabic]
![macOS Security Research | Exploit Dev & Security Bypasses [Arabic]](https://i.ytimg.com/vi/sBlMPkJdGtk/default.jpg)
macOS Security Research | Exploit Dev & Security Bypasses [Arabic]
![Web Application Pentesting | OS Command Injection [Arabic]](https://i.ytimg.com/vi/kocsP-dXc-Q/default.jpg)
Web Application Pentesting | OS Command Injection [Arabic]
Web Application Pentesting | Performing T1057 via a CWE-22–like
macOS Red Team Operations | Dylib Code Injection
