Abstract
The importance of Cyber Security is increasing every single day. From the emergence of new ransomware to major data breaches, the online world is getting dangerous. A multinational non- profit group devoted to online application security is called OWASP, or the Open Web Application Security Project. The OWASP Top 10 is a frequently updated report that highlights the ten most important vulnerabilities to web application security. Among these 10 vulnerabilities, there exists a vulnerability called Software and Data Integrity Failures. A subset of this vulnerability is Insecure Deserialization. An object is transformed into a stream of bytes through the serialization process in order to be stored in memory, a database, or a file. Deserialization is the procedure used to transform bytes of serialized data into readable form. When a website deserializes user- controllable data without any validation, it is known as Insecure Deserialization. An attacker may be able to modify serialized objects in this way to introduce dangerous data into the application code. In this research, we discuss thoroughly Insecure Deserialization in Python and attempt to create an automated scanner for detecting it. We go into detail about the working of Insecure Deserialization and study this vulnerability in different languages such as Java, Python, and PHP. We also talk about various prevention techniques
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
