Deserialization Exploitation Archives

Heyserial will Programmatically create hunting rules for deserialization exploitation with multiple keywords (e.g. cmd.exe) gadget chains (e.g. CommonsCollection) object types (e.g. ViewState, Java, Python Pickle, PHP) encodings (e.g. Base64, raw) rule types (e.g. Snort, Yara) Usage Help: python3 heyserial.py -h Examples: python3 heyserial.py -c ‘ExampleChain::condition1+condition2’ -t JavaObjpython3 heyserial.py -k cmd.exe whoami ‘This file cannot be run …

Continue reading “Heyserial : Programmatically Create Hunting Rules For Deserialization Exploitation”