Overview

Introduction to OWASP Top Ten A8 Insecure Deserialization lab is a premium Lab created for the intermediate skill level students to practice with insecure deserialization lab. Insecure deserialization vulnerability is the eighth of the ten most common web application security risks reported in the OWASP Top 10 2017 report Object serialization is a technique that allows networked applications to send objects between client and server and have them recreated in that state on the other side. The process of taking an object and putting it into a form suitable for network transmission is called serialization. The reverse process is called deserialization. A serialized object can take many forms, depending on the underlying implementation and language, but it can be as simple as a string that allows the specification of all the member variables.

Introduction to OWASP Top Ten A8 Insecure Deserialization lab teaches students how to identify and exploit a simple example of Insecure Deserialization, how to modify URLs to perform and implement insecure deserialization on a web application and finally how to execute arbitrary system code.

Upon successful completion of the Introduction to OWASP Top Ten A8 Insecure Deserialization lab, students should be able to Identify and exploit a simple example of Insecure Deserialization, be able to modify URLs to perform and implement insecure deserialization on a web application and have the ability execute arbitrary system code. Introduction to OWASP Top Ten A8 Insecure Deserialization lab takes approximately 1 hour to 2 hours to complete for most students.

In CybrScore’s Introduction to OWASP Top Ten A8 Insecure Deserialization lab, student will learn insecure deserialization. This is a key part of the Vulnerability Assessment Analyst work role and builds the ability to exploit insecure deserialization. In CybrScore’s Introduction to OWASP Top Ten A8 Insecure Deserialization lab student will learn, how to modify URLs to perform and implement insecure deserialization on a web application. This is a key part of the Vulnerability Assessment Analyst work role and builds the ability to identify and exploit sensitive data in a web application. In CybrScore’s Introduction to OWASP Top Ten A8 Insecure Deserialization lab student will learn how to execute arbitrary system code. This is a key part of the Vulnerability Assessment Analyst work role and builds the ability to escalate privileges and run arbitrary codes on target system.

CybrScore’s Introduction to OWASP Top Ten A8 Insecure Deserialization lab is presented by Cybrary and was created by CybrScore.

Click the launch button to start the lab.